States  want  VoIP  But  first  they  need  to  get  the  What’s  next  for  Qwest?  Spurned  by  MCI, 

underlying  infrastructure  in  place.  PAGE  8.  the  carrier  readies  its  next  move.  PAGE  10. 
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,  director  of  networking  at  USC,  has 
65,000  IP  addresses  to  keep  tabs  on.V  ithouta  solid  IP 
address  ma  agemen  system,  “it  would  get  pretty 
messy  very  quickly.  In  thisTechnology  Insider,  we 
highlight  new  automated  tools  that  can  help  address 
the  problem  of  proliferating  IP  addresses.  Page  40. 
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Lucent's  VitalQIP  edges  Metalnfo’s 
Meta  IP  to  win  our  test  of  IP  address 
management  products.  Page  44. 
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HP  readies  storage  push 
aimed  at  reversing  slide 


■  BY  DENI  CONNOR 

HP  next  week  is  set  to  revitalize 
its  storage  family  with  the  intro¬ 
duction  of  a  slew  of  products 
designed  to  give  customers  more 
flexibility  in  storing  data  center 
and  remote-office  information. 

The  company  says  the  an¬ 
nouncements  will  constitute  its 


most  important  storage  launch 
ever  and  signal  that  it  is  ready  to 
erase  its  mistakes  of  the  past.  HP 
saw  its  market  share  slip  last  year, 
to  put  it  in  the  No.  2  position. 

HP’s  StorageWorks  disk  storage 
business  accounted  for  almost 
$7.6  billion  in  revenue  in  2004, 
according  to  IDC.But  HP’s  storage 
See  HP,  page  59 


Cisco,  Juniper  joust 
over  net  blueprints 

Enlivened  Interop  also  focuses  on  security,  wireless. 


■  BY  PHIL  HOCHMUTH  AND 
DENISE  DUBIE 

LAS  VEGAS  —  A  smaller  venue 
and  larger  turnout  last  week 
helped  infuse  Interop  2005  with 
long-absent  excitement  about  the 
network  industry 

The  event  drew  17,000  atten¬ 
dees  and  featured  a  ton  of  wire¬ 
less  and  security  products,  as  well 
as  news  that  a  second  show  — 
Interop  Fall  2005  —  will  be  com¬ 
ing  in  December  to  the  Jacob 
Javits  Center  in  New  York. 

The  conference  featured 
keynote  addresses  on  back-to- 
back  days  by  Cisco  CEO  John 
Chambers  and  his  counterpart  at 
rival  Juniper.They  laid  out  distinct 
paths  users  can  choose  when 


CEOs  John  Chambers  of 
Cisco  (left)  and  Scott 
Kriens  of  Juniper  laid  out 
conflicting  views  on  how 
customers  should  build 
secure  networks. 


Columnists  Mark  Gibbs  and  Paul  McNumara  report  fit  a  the  show  Page  62. 


building  secure,  wired  and  wire¬ 
less  corporate  networks:  one-stop- 
shop  vs.  multi-vendor. 

Chambers  emphasized  that 
businesses  are  looking  for  ven¬ 
dors  to  act  as  strategic  partners, 


rather  than  buying  individual, 
task-oriented  products  from  a 
gang  of  companies.  Products  that 
can  offer  lots  of  things  in  one  box, 
or  a  vendor  with  many  different 
See  Interop,  page  12 


When  animals  attack 


Networks  pay  the  tab  for  voracious  varmints. 


The  crime  scenes  last  February  in  rural  Sweden  _r 
looked  remarkably  similar  despite  being  90 
apart.  The  perpetrators  appeared  to  have 
through  the  smallest  of  cracks.  Footprints  dotted  the  snow. 
Each  case  claimed  more  than  a  thousand  victims. 

And  then,  there  were  the  telltale  teeth  marks. 

No  doubt  about  it:  Field  mice  had  done 
dirty  deeds. 

TeliaSonera,  a  Stockholm  telecom  carrier,  suf¬ 
fered  two  nearly  daylong  network  outages  that 
caused  roughly  4,000  wireline  and  wireless 

See  Interop,  page  16 
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The  University  of  Southern  California  has  65,000  IP 
addresses,  and  if  Director  of  Networking  Janies  Wiedel, 
right,  wasn't  paying  close  attention  "it  would  get  pretty 
messy  very  quickly."  In  this  Technology  Insider,  we  high¬ 
light  new  automated  tools  that  can  help  address  the 
problem  of  proliferating  IP  addresses.  Page  40. 

[5  Lucent’s  VitalQIP  edges  Metainfo's 
Meta  IP  to  win  our  test  of  IP 
address  management  products. 
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Best  way  to  handle  DNS 

Help  Desk  guru  Ron  Nutter  offers  suggestions  to  a  reader  who 
asks:  “In  doing  a  check  of  our  DNS  servers  recently,  I  was 
surprised  to  find  that  they  would  resolve  requests  that  weren't 
coming  from  our  network.  How  can  we  still  allow  for  our  internal 
network  to  resolve  outside  systems  but  control  what  can  be  done 
from  the  outside  world?"  DocFinder:  7041 
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DocFinder:  7042 
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IM  tricks  keep  coming 

Columnist  James  Gaskin  looks  at  the  issue  of  enterprise  instant¬ 
messaging  use  and  security,  and  offers  suggestions  on  options  for 
encrypting  instant  messages.  DocFinder:  7043 
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Even  experts  get  viruses 

Executive  Online  Editor  Adam  Gaffin  says  you  shouldn't  feel  bad  if 
you  get  hit:  “Darren  Miller,  a  network  security  consultant  with 
DefendingTheNet.com  and  ParaLogic,  describes  how  he  fell  for  a 
particularly  specialized  attack."  DocFinder:  7044 
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IBM  set  to  slash  13,000 jobs 

■  After  reporting  less  than  rousing  first-quarter  financials,  IBM  exec¬ 
utives  last  week  detailed  a  series  of  restructuring  moves  —  includ¬ 
ing  the  loss  of  between  10,000  and  13,000  jobs  —  aimed  at  reduc¬ 
ing  bureaucracy  and  improving  operating  efficiency  Most  of  the  job 
cuts  —  which  may  reduce  spending  by  $300  million  to  $500  million 
in  the  second  half  of  the  year  —  will  come  from  IBM’s  European 
operations,  where  the  company  expects  to  eliminate  a  layer  of 
upper  management  and  push  greater  decision-making  power  to 
client-facing  staff.  Another  initiative  pertains  to  IBM’s  Global 
Services  business.  IBM  will  work  to  improve  the  efficiency  of  its  ser¬ 
vices  operations  by  standardizing  job  roles,  processes  and  tools, 
and  consolidating  service  delivery  workloads  into  fewer  locations, 
called  “integrated  delivery  centers,”  IBM  says.  The  cuts  are  IBM’s 
biggest  round  of  layoffs  since  15,600  jobs  were  cut  in  2002  after  five 
straight  quarterly-sales  declines.  CEO  Sam  Palmisano  last  month 
said  the  top  50  managers  would  not  receive  pay  increases  after  the 
company’s  first-quarter  sales  grew  3%,  to  $22.9  billion,  the  slowest 
pace  in  10  quarters. 

Sun  makes  overseas  moves 

■  Sun  is  scaling  back  its  Silicon  Valley  engineering  group  and  expanding  its  facilities 
around  the  world  to  save  on  costs.The  company  said  last  week  it  would  grow  facilities  in 
Bangalore,  Beijing,  St.  Petersburg  and  Prague.  Published  reports  said  Sun  isn’t  pulling  out 
of  Santa  Clara  but  won’t  be  hiring  much  more  there  for  the  time  being.The  ability  to  quick¬ 
ly  hire  large  numbers  of  programmers  in  India  and  other  low-cost  locations  justified  the 
company’s  plan  to  combine  its  worldwide  research  staff  in  those  places,  Sun  says.  Sun 
recently  said  it  would  outsource  its  internal  information  technology  team  to  Computer 
Sciences  Corp.  in  a  contract  worth  $360  million.  The  company  has  reduced  its  staff  to 
about  30,000,  from  about  43,000  four  years  ago. 

FGG  denies  SBC  plan 

■  The  FCC  last  week  denied  SBC’s  petition  to  exempt  new  Internet-based  services 
from  traditional  telephone  regulations.The  petition  sought  to  isolate  SBC’s  new 
Internet  networks,  such  as  the  fiber  optic  Project  Lightspeed  for  consumer  IPTV,  from 
policies  that  provide  competitors  access  to  that  infrastructure  at  wholesale  prices.The 
FCC  voted  4-0  to  reject  the  petition.  SBC  expects  the  FCC  to  eventually  rule  in  favor  of 
the  RBOC  and  its  peers:  “We  are  confident  that  the  FCC  will  decide  conclusively  in 
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Snail  mail 

Israeli  researchers  have  proved  that  snails  can  move  data  faster  than  the  average 
DSL  line  -  provided  you're  talking  about  Giant  African  Snails  attached  to  “chariots" 
in  which  the  wheels  consist  of  DVDs  laden  with  data.  Alas,  the  technique  is  only  use¬ 
ful  over  very  short  distances.  Get  information  quick  every  week  at 
Compendium,  www.networkworld.com,  DocFinder:  7051. 
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<§>  Microsoft’s  blog  bid.  Rewing  its  Longhorn  marketing  engine,  Microsoft 
is  forming  a  team  of  bloggers  who  will  get  early  access  to  prereleases  of  the 
operating  system  and  will  be  asked  to  review  the  Windows  XP  successor.  "They'll 
tell  us  where  we’re  screwing  up,  what  we’re  doing  well,  and  will  be  the  world's  top 
authorities  on  Longhorn,"  Microsoft  Longhorn  Evangelist  and  blogger  Robert  Scoble 
wrote. 

Egenera  Staying  private.  Blade  server  pioneer  Egenera  has 
|  withdrawn  its  filing  for  an  IPO,  citing  market  conditions.  In  early  2004,  when  the 
filing  was  made,  the  market  seemed  to  be  on  an  upswing.  "But  right  around  the 
time  that  we  filed,  the  market  went  south  on  us  again  and  has  been  going  sideways 
at  best  since  then,"  says  Tom  Sheehan,  Egenera's  CFO.  The  decision  to  pull  the  IPO 
came  just  days  after  the  company  announced  that  it  had  received  $45  million  in 
new  funding. 

®  E-mail  goes  to  pot  A  new  study  conducted  at  King's  College  London 
found  that  juggling  e-mail  and  working  at  the  same  time  caused  people's  IQ  to  fall 
during  the  day  as  much  as  it  would  if  they  missed  a  night’s  sleep  and  more  than 
twice  as  much  as  it  would  if  they  had  smoked  pot.  V 


favor  of  investment  and  deployment  in  broadband  networks  to  bring  innovation,  com¬ 
petitive  choice  and  value  to  consumers,”  said  James  Smith,  SBC  senior  vice  president 
for  FCC  issues,  in  a  statement. 

Gore  gets  his  Internet  due 

■  Maybe  he  didn’t  invent  the  Internet,  but  after  all,  he  made  some  serious  contribu¬ 
tions  to  its  success. That  seems  to  be  the  thought  behind  the  International  Academy 
of  Digital  Arts  and  Sciences’  decision  to  present  former  Vice  President  A1  Gore  with 
a  Webby  lifetime  achievement  award.Vint  Cerf,one  of  the  Internet’s  key  inventors,  will 
give  Gore  the  award  at  a  June  6  ceremony  in  NewYork.The  group  says  Gore  while  in 
Congress  promoted  high-speed  telecommunications  for  economic  growth  and  sup¬ 
ported  funding  increases  for  the  then-fledging  network.  Gore  has  been  roundly 
ridiculed  for  a  1999  CNN  interview  where  he  said  he  “took  the  initiative  in  creating 
the  Internet.”  Gore  is  widely  credited  for  popularizing  the  term  “information  super¬ 
highway’ 

FCG-backed  911  plan  on  tap  for  VoIP  providers? 

■  Published  reports  last  week  indicated  the  Federal  Communications  Commission 
might  require  Internet-based  telephone  companies  to  offer  91 1  emergency  services  by 
as  early  as  the  end  of  September.The  proposal  would  require  companies  such  as  Vonage 
to  route  91 1  calls  directly  to  primary  emergency  lines  within  four  months  of  the  order 
being  issued.  The  proposal  could  be  voted  on  as  soon  as  the  agency’s  next  open  meet¬ 
ing  May  19.  How  the  FCC  would  enforce  such  as  statute  remains  unclear. Vonage,  which 
has  arrangements  with  Verizon  and  others  to  handle  911  calls,  has  been  sued  by  Texas 
and  Connecticut,  where  customers  had  trouble  reaching  911. 
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With  so  much  riding  on  your  high  profile  IT  projects,  you  can’t 
afford  to  overlook  testing.  IT  failures  strike  at  the  worst  time,,  you  never 
see  them  coming,  ail'd  the  consequences  are  often  devastating.  And  a  highly 
visible1  failure  will  undermine  your  company’s  credibility.  Not  to  mention  your 
credibility.  Luckily,  Spirent  cart  help.  Our  network  testing  solutions  allow  you  to 
test  your  voice,  video,  and  data  applications  before  you  deploy  them.  You  can 
minimize  the  chance  of  failure.  You  can  isolate  security  vulnerabilities.  And  you 
can.  also  reduce  operating  costs..  Download  our  revealing  white  paper  online  at 
www.spirentcom.com/strategiclT  or  call  1-800-927-2660. 


8 

NetworkWorld 

5/9/05 

News 

www.networkworld.com  | 

States  want  VoIP,  lack  infrastructure 

Policies  and  network  upgrades  needed  to  support  the  technology,  say  state  CIOs. 


■  BY  TIM  GREENE 

BURLINGTON,  Vt.  —  Demand 
for  VoIP  in  state  government  is 
high,  but  states  are  slow  to  adopt 
it  because  they  first  need  to  in¬ 
stall  infrastructure  that  supports 
the  technology. 

Corporations  that  acquire  other 
businesses  face  the  task  of  unify¬ 
ing  networks.  Statewide  IT  offi¬ 
cials  are  placed  in  a  similar  situa¬ 
tion  and  have  to  deal  with  inte¬ 
grating  separate  department  net¬ 
works  that  were  created  with  no 
overarching  architecture  or  stan¬ 
dards  in  place,  according  to  many 
state  IT  officials  at  last  week’s 
Northeast  regional  meeting  of  the 
National  Association  of  State  Tele¬ 
communications  Directors 
(NASTD). 

Vermont  is  one  of  the  few 
states  without  this  problem  be¬ 
cause  it  currently  uses  carrier- 
based  Centrex  service  for  all  de¬ 
partments.  It  is  upgrading  its 
data  WAN  to  support  IP  voice, 
said  Christopher  Campbell, 
deputy  commissioner  of  the 
Department  of  Information  and 
Innovation. 

“We’re  improving  the  WAN  to 
do  VoIP  with  quality  of  service,” 
Campbell  said.  “We’re  keeping  a 
very,  very  open  mind.”  The  state 


VoIP  drivers 


IT  pros  were  asked  to 
indicate  which 
applications  are  or  will 
drive  their  convergence 
initiatives. 


(multiple  responses  allowed) 
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Conferencing  61% 


Productivity  58% 


Remote  access 

Network-based  voice  mail  50% 
Remote  access  to  telephony 
Video/distance  learning  46°4 

i  i  i  i 

Unified  messaging  42% 


Call  center  39% 


39% 
f§an  messaging 


25% 
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CIOs  voice  cyberterrorism  worries 


State  CIOs  say  their  No.  1  concern  is  cyber¬ 
terrorism  and  that  the  federal  government 
isn’t  paying  enough  attention  to  it. 

"It’s  a  serious  issue  and  becoming  a  lesser 
issue  for  the  feds,"  said  Thomas  Jarrett,  presi¬ 
dent  of  the  National  Association  of  State  CIOs 
(NASCIO).  "They  seem  to  want  to  focus  on  the 
'boots  and  suits'  approach  to  national  security.” 

His  remarks  came  at  the  Northeast  regional 
meeting  of  the  National  Association  of  State 
Telecommunications  Directors,  which  includes 
state  IT  executives,  as  well. 

About  half  of  NASCIO’s  members  spent  last 
Wednesday  on  Capitol  Hill  leafleting  their  repre¬ 
sentatives  with  their  list  of  priorities,  topped  by 
the  need  for  technology  to  block  malicious 
exploits. 

Shoring  up  state  networks  with  anti-virus, 
intrusion-detection/prevention  and  other  secur¬ 
ity  gear  has  to  contend  with  other  demands  on 
government,  Jarrett  said.  The  absence  of  a  dis¬ 
astrous  cyberattack  to  date  makes  it  difficult  to 
generate  support.  “If  it's  healthcare  vs.  some 
new  boxes  I  want  to  put  in,  I  can  tell  you  what's 
going  to  win,”  he  said. 

Jarrett,  who  is  CIO  for  Delaware,  said  IT 


departments  in  his  state  log  2,000  virus  and  spy- 
ware  attempts  per  day. 

The  funding  problem  is  complicated  by  the 
fact  that  state  CIOs  are  generally  appointed  by 
the  governor,  and  that  when  a  new  governor  is 
elected,  a  new  CIO  is  appointed.  This  makes 
continuity  difficult. 

"It  ought  to  be  a  cabinet-level  position 
because  we  need  a  seat  at  the  table,  but  it's 
caught  up  in  a  lot  of  politics,”  Jarrett  said.  “We 
need  processes  that  aren’t  so  tied  to  the  person 
at  the  top," 

With  CIOs  changing  fairly  frequently,  setting 
priorities  and  keeping  up  pressure  for  funding  is 
a  constant  struggle.  Jarrett  said  he  is  the  sec¬ 
ond-longest  serving  of  state  CIOs  at  three  and  a 
half  years.  Because  of  seven  new  governor¬ 
ships,  seven  state  CIOs  have  been  replaced 
since  November,  and  another  six  CIO  slots  are 
vacant,  Jarrett  said. 

The  job  is  also  plagued  by  mid-term  defec¬ 
tions. “CIOs  come  in  with  outstanding  ideas  only 
to  become  frustrated  by  the  political  process," 
he  said. 

—Tim  Greene 


hopes  bids  for  statewide  phone 
services  —  when  the  current 
contract  expires  in  two  years  — 
will  attract  proposals  forVoIRbut 
the  technology  won't  be  pre¬ 
scribed  in  the  RFRhe  said. 

Other  states  say  they  still  are 
working  on  statewide  WAN/LAN 
architectures  that  will  make  VoIP 
feasible  both  within  and  be¬ 
tween  departments.  NASTD  has 
an  enterprise  architecture-work¬ 
ing  group,  where  members  swap 
ideas  on  how  to  better  unify  state 
networks.  Upgrades  could  in¬ 
clude  LANs  that  support  virtual 
LAN  (VLAN)  and  Power  over 
Ethernet  and  WANs  that  support 
traffic-shaping  and  QoS. 

IP  PBXs  abound 

Meanwhile,  in  states  without 
clear  VoIP  policies,  installations 
of  IP  PBXs  pop  up  because  they 
meet  the  immediate  needs  of  in¬ 
dividual  agencies.  For  example, 
in  West  Virginia,  three  depart¬ 
ments  use  three  different  ven¬ 
dors  because  there  is  no  overrid¬ 
ing  plan  or  standard  for  which 
vendor  to  use,  said  Carlos 
Neccuzi,  IS  specialist  in  the  De¬ 
partment  of  Administration. 

The  state  police  use  Nortel  IP 
VoIP  gear  to  connect  more  than 
70  offices,  some  of  which  go  un¬ 
staffed  during  parts  of  the  day. 
The  system  is  used  to  divert 
calls  to  offices  where  someone 
is  on  duty  to  answer.  Similarly, 
the  state’s  department  of  high¬ 
ways  has  installed  a  Cisco  IP 
PBX  in  its  headquarters  building 
and  plans  to  extend  the  VoIP 
network  to  10  district  headquar¬ 
ters  buildings. 

Neccuzi’s  own  department  has 
IP  phones  with  a  Toshiba  system 
that  was  purchased  to  connect 
two  offices  by  phone  that  were 
already  connected  by  a  data 
line.“We  didn’t  set  out  to  do  VoIP 
and  ended  up  with  a  few  phones 
anyway”  he  said. 

VoIP  appears  most  often  in 
facilities  that  are  new  because 
departments  can  readily  install 
data  networks  that  support  VoIP 
at  the  outset.  Maine  has  installed 
VoIP  at  a  psychiatric  center  in 
Augusta  and  in  the  state’s  new 
Public  Safety  office  to  handle 
emergency  management  ser¬ 
vices  in  case  of  disasters,  said 
Ellen  Lee,  the  state’s  director  of 
network  services  in  the  Depart¬ 
ment  of  Administrative  and 
Financial  Services. 


In  both  cases, VoIP  was  chosen 
because  the  facilities  were  new, 
so  the  network  was  being  built 
from  scratch  and  could  be 
designed  to  support  the  QoS 
needed  for  VoIP  As  of  this  point, 
the  state  only  uses  VoIP  within 
departments,  not  over  the  WAN, 
Lee  said. 

Virginia’s  Department  of  Social 
Services  and  Department  of 
Health  both  needed  phone  sys¬ 
tems  on  short  notice  when  they 
moved  into  new  facilities.  They 
bought  Cisco  IP  phone  systems 
because  Cisco  was  an  approved 
vendor  they  could  buy  from 
quickly  and  no  vendors  of  tradi¬ 
tional  PBXs  were  approved,  said 
Ann  Hardwick,  associate  director 
of  Virginia  Information  Technol¬ 
ogies  Agency. 

Pennsylvania  has  no  sanc¬ 
tioned  VoIR  because  a  statewide 
policy  specifically  forbids  it  and 
there  is  a  mandate  to  use  Cen¬ 
trex  in  all  metropolitan  areas.  But 
agencies  are  challenging  the  pol¬ 
icy  because  they  want  VoIR  said 
Valerie  Long,  the  state’s  network 
support  services  manager  in  the 
governor’s  office  of  administra¬ 
tion.  “It’s  our  own  fault  because 
we  don’t  have  a  VoIP  policy  that’s 


been  bought  into  by  upper  man¬ 
agement,”  she  said. 

Long  said  the  state  is  looking 
into  pilot  VoIP  programs  that 
would  include  IP  PBXs,  as  well  as 
VoIP  service  from  a  carrier.  The 
trials  would  be  with  a  state 
agency  that  already  had  the  net¬ 
work  infrastructure  to  support 
the  technology  without  an  up¬ 
grade,  she  said. 

Maine  has  to  upgrade  its  infra¬ 
structure  to  support  VoIP  and 
map  a  plan.  “The  infrastructure 
needs  to  be  there  and  solid  first,” 
Lee  said. When  that  will  happen  is 
uncertain  because  the  state  has 
not  written  a  VoIP  strategy 

Needs  convincing 

Some  states  are  unconvinced 
of  VoIP’s  benefits.  In  New  York, 
agencies  can  buy  network  and 
telephony  services  from  the 
state’s  Office  for  Technology  But 
so  far  VoIP  is  not  a  service  the 
office  offers,  even  though  the 
demand  is  high,  said  Daniel 
Corcoran,  director  of  the  office’s 
division  of  telecommunications. 

With  all  the  state’s  current  PBXs 
at  least  IP-enabled,  the  office 
looks  for  opportunities  to  link 
them  via  IP  as  a  way  to  save  oper¬ 


ational  costs,  he  said.  But  some 
agencies  demand  those  savings 
be  passed  along  to  them,  some¬ 
thing  his  department  has  not 
worked  out  yet.  He  said  he’s  not 
sure  there  will  be  large  savings,  if 
any  at  all. 

“We  have  a  sound  rationale  for 
not  jumping  into  this,"  Corcoran 
said.  He  is  looking  for  agencies  to 
demonstrate  a  need  for  VoIP 
based  on  its  ability  to  support  ser¬ 
vices  that  traditional  phones 
can’t,  but  so  far  they  haven’t  come 
up  with  any  “Were  getting  enor¬ 
mous  pressure  to  do  VoIP  and  we 
keep  asking,‘Why?’”  ■ 


More  online! 

Some  early  adopters  of  VoIP  report 
savings  of  up  to  $500,000  annually. 
Attend  a  special  Network  World  event 
exclusively  for  IT  executives  to  find  out  how 
they  achieved  that  success. 
DocHnder  6926 
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Qwest  moves  on  after  MCI  rejection 


■  BY  JIM  DUFFY 

Having  lost  the  auction  for  MCI 
last  week,  despite  bidding  more 
than  Verizon,  Qwest  now  faces  a 
future  as  telecom’s  ugly  stepchild. 

Not  only  will  it  have  to  compete 
against  the  two  new  megacarriers 
—Verizon/MCI  and  SBC/ AT&T  — 
but  it  also  will  have  to  do  so  with 
$15  billion  in  debt,  the  least  attrac¬ 
tive  region  of  any  of  the  RBOCs, 
and  little  presence  in  hot  growth 
markets  such  as  wireless. 

“They  have  showed  their  cards, 
and  since  they  lost  the  game  they 
are  in  a  weakened  position,”  says 
David  Rohde,  a  consultant  with 
TechCaliber,  a  company  that 
advises  companies  on  contractu¬ 
al  dealings  with  carriers.  “The 
financial  situation  that  they’re  in 
trumps  everything.” 

It  certainly  trumped  the  deal  for 
MCI.  Qwest  made  four  offers  for 
the  interexchange  carrier,  all  high¬ 
er  than  Verizon’s  bids  and  all 
turned  down  because  of  the  car¬ 
rier’s  uncertain  finances  after 
2002’s  alleged  accounting  fraud. 
MCI  ultimately  stated  that  some  of 
its  largest  enterprise  customers 
would  seek  to  end  their  contracts 
with  the  carrier  should  it  choose 
Qwest’s  $9.9  billion  offer  over 
Verizon’s  $8.5  billion  bid. 

Despite  the  snub,  Qwest  remains 
encouraged,  especially  after  re¬ 


Back  in  black 

Qwest’s  first-quarter 
profit  snapped  a 
streak  of  five  straight 
quarterly  losses. 


Earnings/loss,  in  millions 
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porting  its  first  profitable  quarter 
after  five  consecutive  losing  quar¬ 
ters.  CEO  Richard  Notebaert  says 
the  carrier  is  “aggressively”  pursu¬ 
ing  other  opportunities  to  drive 
future  growth. 

“We  have  a  number  of  strong 
options  before  us,”  Notebaert  said 
during  a  conference  call  to  dis¬ 
cuss  the  first  quarter  results. 
“We’ve  already  begun  looking  at 
those  options  in  earnest.” 

He  would  not  elaborate  on 
what  those  options  are,  but  said 
they  might  include  picking  up 
some  of  the  assets  divested  by 
SBC/AT&T  and  Verizon/MCI  as 


they  integrate  their  operations 
under  the  watchful  eye  of  the 
Securities  and  Exchange  Com¬ 
mission  and  other  regulators. 

“We’d  be  very  open  to  that,” 
Notebaert  said, adding  that  Qwest 
is  looking  at  how  it  can  create  a 
“meaningful  third  leg”  to  the 
SBC/AT&T  and  Verizon/MCI  mega 
marriages.“It’s  a  good  opportunity 
for  us.” 

Another  opportunity  according 
to  analysts,  is  a  three-way  combi¬ 
nation  of  Qwest,  Sprint  and  Bell¬ 
South.  Qwest  already  has  arrange¬ 
ments  with  both:  It  resells  Sprint’s 
Sprint  PCS  wireless  service  and 
provides  out-of-region,  long-dis¬ 
tance  facilities  for  BellSouth. 

For  Qwest,  this  possibility  would 
provide  it  with  a  credible  wireless 
presence  —  Sprint  is  acquiring 
Nextel  to  become  the  third- 
largest  wireless  operator  in  the 
U.S.,  behind  Cingular  and  Verizon 
Wireless  —  and  expand  its  local 
access  reach  into  BellSouth’s 
nine-state  region  in  the  Southeast. 

“What  this  is  really  all  about  is 
that  third  supercarrier,”  says 
Thomas  Nolle,  president  of  con¬ 
sultancy  CIMI.  “I  don’t  think 
Qwest  and  Sprint  by  themselves 
would  be  strong  enough  to  be 
the  third  supercarrier,  which 
means  the  BellSouth  deal  would 
have  to  be  made.” 

Sprint,  however,  is  busy  working 


Madge  targets  WLAN  access 


■  BY  JOHN  COX 

Token-ring  war-horse  Madge  this  month  continues 
its  bid  to  reinvent  itself  as  an  enterprise  wireless  LAN 
supplier,  with  the  release  of  a  branch  office  version 
of  its  access-control  device. 

The  company  is  pricing  its  Enterprise  Access 
Server  (EAS)  100  aggressively  at  $900.  Rival  products 
from  companies  such  as  Aruba  Wireless  Networks 
and  Bluesocket  cost  considerably  more. 

The  EAS  100  is  intended  to  secure  and  manage 
about  100  users  on  up  to  five  access  points,  either 
Madge’s  own,  or  via  SNMP  a  range  of  third-party  pro¬ 
ducts.  Management  of  a  multi-vendor  WLAN  infra¬ 
structure  has  been  a  key  marketing  message  for 
Madge.  Users  will  have  to  weigh  the  trade-offs  of  a 
standards-based  approach  compared  with  the  pos¬ 
sibly  more  sophisticated  management  with  propri¬ 
etary,  single-vendor  WLANs. 

For  years,  Madge  focused  on  and  became  a 
leader  in  token-ring  LAN  hardware.  But  in  2003,  a 
management  buyout  took  the  company  private. 
Last  year,  Madge  raised  about  $3.8  million  in  a 
funding  round  led  by  venture  capital  firm  Sigma 
Technology  Group. 

The  cash  served  as  fuel  for  faster  WLAN  product 


development  and  expanded  marketing  and  sales 
efforts.  Madge  cut  a  U.S.  distribution  deal  with  In¬ 
gram  Micro  and  began  signing  up  resellers.  The 
company  introduced  dual-radio  access  points,  high- 
end  and  midrange  versions  of  the  EAS,  and  the 
WLAN  Probe  Monitor. 

As  with  its  earlier  WLAN  controllers,  Madge  has 
crammed  the  EAS  100  with  a  wide  range  of  security 
features,  and  then  automated  them  or  reduced  them 
to  a  set  of  Web  configuration  screens. 

The  EAS  100  comes  with  a  built-in  RADIUS  server 
and  certificate  authority  to  handle  security  and  au¬ 
thentication  locally 

The  access  server  also  supports  802.  IX  authentica¬ 
tion  via  Extensible  Authentication  Protocol- 
Transport  Layer  Security 

Other  security  options  include  media  access  con¬ 
trol  address  lists,  Wired  Equivalent  Privacy  a  built-in 
firewall  to  control  specific  IP  ports  and  VPN  support. 

Rodney  Kluever,  systems  specialist  with  Washing¬ 
ton  State  Department  of  Social  and  Health  Services 
in  Olympia,  uses  a  higher-end  EAS  because  the  net¬ 
work  he  oversees  has  more  access  points  than  the 
smaller  100  can  handle.  But  he  has  seen  a  demo  of 
the  100  and  says:  “It  would  be  perfect  for  a  small  to 
medium-sized  business.” ■ 


out  its  $36  billion  deal  for  Nextel, 
so  it’s  not  likely  to  make  a  run  at 
Qwest.  Even  if  it  did  not  have  its 
hands  full  with  Nextel,  Qwest  — 
with  its  rural,  Rocky  Mountain  ter¬ 
ritory  and  huge  debt  —  would 
not  add  much  to  Sprint. 

And  Sprint’s  $33  billion  market 
capitalization  might  make  it  too 
pricey  for  Qwest,  whose  own  mar¬ 
ket  cap  stands  at  about  $7  billion. 

Another  possibility  is  for  Qwest 


as  it  acquires,  is  acquired  or  oth¬ 
erwise  morphs  itself  into  a  more 
viable  competitor  in  the  new  tele¬ 
com  landscape. 

In  doing  so,  another  option  for 
Qwest  is  to  unite  with  a  foreign 
carrier  looking  to  expand  its  pres¬ 
ence  in  the  U.S.,  Pultz  notes.  Still 
another  is  linkage  with  a  cable 
multi-system  operator  (MSO). 

Cable  MSOs  have  been  taking 
residential  voice  lines  from 
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to  size  up  Level  3  Communi¬ 
cations  to  improve  its  nationwide 
assets,  Nolle  says.  Level  3  is  con¬ 
sidered  to  have  one  of  the  most 
advanced  IP/Multi-protocol  Label 
Switching  networks  in  the  world, 
and  last  summer  it  landed  a  huge 
IP  VPN  deal  with  Sears,  Roebuck 
&  Co.,  through  reseller  Computer 
Sciences  (www.networkworld. 
com,  DocFinder.  7050) 

In  any  event,  Qwest  is  not  likely 
to  compete  effectively  in  a  rapidly 
consolidating  industry  on  its  own. 

“Ultimately  Qwest  needs  to 
marry  somebody  with  some 
strength,  and  BellSouth  is  one  of 
the  only  players  left  that  they 
could  form  a  good,  credible  basis 
for  the  third  supercarrierf  Nolle 
says. 

Others  feel  Qwest  might  make  a 
move  for  a  smaller  carrier  with 
nationwide  facilities,  a  focus  on 
enterprise  customers  and  little 
debt,  like  one  that  has  emerged 
from  Chapter  11  bankruptcy  A 
handful  of  carriers  fit  that  profile. 

“The  U.S.  holdings  of  Global 
Crossing  still  have  some  long-dis¬ 
tance  voice  and  frame  relay  ser¬ 
vices;  Broadwing  is  another  that 
has  come  out  of  Chapter  11,”  as 
has  XO  Communications,  says  Jay 
Pultz,  vice  president  and  distin¬ 
guished  analyst  at  Gartner. 

Both  Pultz  and  TechCaliber’s 
Rohde  caution  Qwest  business 
customers  to  be  cognizant  of  the 
possibility  that  the  carrier  might 
sell  off  some  assets  or  exit  regions 


RBOCs  by  offering  VoIP  on  top  of 
their  broadband  cable  modem 
service.  And  RBOCs  have  begun 
offering  video  services  to  counter 
the  incursions  cable  MSOs  have 
made  into  their  territories. 

But  cable  companies  lack  a 
large  enterprise  presence,  the 
kind  of  presence  SBC  gained  by 
acquiring  AT&T  and  Verizon  wins 
by  landing  MCI.  Even  though 
Qwest  does  not  have  the  cadre  of 
large  enterprise  accounts  that 
AT&T  or  MCI  has,  it  has  a  few  that 
could  help  a  MSO  gain  entry  into 
that  market.  It  also  has  the  long¬ 
distance  facilities  a  MSO  might 
desire. 

“One  of  the  things  that  cable 
companies  have  been  talking 
about  is, ‘Yes,  we  want  to  get  into 
that  [business]  market,  we  want 
to  serve  [small  to  midsize  busi¬ 
nesses],’”  says  Will  Stofega,  an 
analyst  at  IDC.“And  [MSOs]  have 
that  content  to  offer  up  into  the 
Qwest  market.” 

Whichever  direction  Qwest 
takes,  the  company  is  buoyed  by 
its  most  recent  quarterly  results, 
which  saw  a  net  profit  after  five 
consecutive  quarterly  losses. 
Ironically  the  profit  is  because  of 
the  $418  million  sale  of  Qwest’s 
wireless  licenses  and  assets  to 
Verizon  Wireless. 

“Our  first  quarter  results  demon¬ 
strate  that  our  strategies  are  work¬ 
ing,”  Notebaert  said  during  the 
conference  call.“It  bodes  well  for 
the  full  year'H 
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Winners  of  the  Network  World  Renovator  Award,  sponsored  by  Juniper 
Networks,  were  celebrated  at  an  event  during  Interop.  Taking  home  the  top 
honors  was  David  Stever  (right)  of  energy  company  PPL,  for  a  network 
overhaul  involving  metropolitan-area  optical  Ethernet  services  and  VoIP. 
The  two  other  finalists  were:  Erik  Durand  (left)  of  PSOMAS,  a  civil  engineer¬ 
ing  firm,  which  migrated  from  frame  relay  to  MPLS  to  support  12  branch 
offices,  and  implemented  a  wide  area  file  service  to  support  real  time  dis¬ 
tribution  of  huge  CAD  files;  and  James  Klein  (center)  from  the  Saugus 
Union  School  District.  The  California  school  district  upgraded  its  16  site 
network  to  support  VoIP  and  video  distribution,  while  also  moving  from 
Novell  Netware  to  open  source  solutions.  All  three  organizations  will  be 
profiled  in  next  week's  issue. 
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products  that  are  co-developed 
and  tied  together,  are  preferable, 
he  said. 

“Very  few  customers  buy  tech¬ 
nology  anymore  based  on  feeds 
and  speeds  and  price”  Chambers 
said.  When  it  comes  to  deploying 
infrastructure  that’s  secure  and 
can  handle  voice,  video  and  data, 
“your  support  cost  for  all  those 
different  pieces  are  going  to  be 
huge  if  they  ail  come  from  differ¬ 
ent  vendors.”  Any  savings  will  be 
lost  on  time  and  money 
spent  trying  to  get  prod¬ 
ucts  to  work  together,  he 
added. 

Kriens’  keynote  took  the  oppo¬ 
site  view.  Junipers  technology 
focus  is  solely  on  secure  and  fast 
network  transaction  processing, 
with  multi-vendor  partnerships 
for  other  areas  of  expertise,  the 
CEO  said. 

“One  of  the  claims  I  would  not 
make  is  that  we  have  all  the 
answers,”  Kriens  said.  “We  don’t 
claim  to  do  all  things,  but  we 
claim  to  do  some  things  that  are 
really  important,  really  well." 

However,  Kriens  did  say  indus¬ 
try  conditions  make  it  hard  for 
smaller  vendors  to  survive,  citing 
his  company’s  own  acquisition  of 
two  smaller  players  —  Peribit 
Networks  and  RedLine  Networks 
—  last  week.  Kriens  also  empha¬ 
sized  Juniper’s  Intranet  and  Enter¬ 
prise  Infranet  initiatives,  which 
look  to  build  multi-vendor  stan¬ 
dards  for  securing  the  public  and 
private  business  networks.  To  this 
end,  he  cited  the  partnership 
announcement  last  week  with 
Avaya,  where  Juniper  and  Avaya 
will  co-market  and  resell  security 
and  VoIP  gear. 

“People  want  open  standards 
and  to  make  choices,”  he  said.  An 
example:  “IP  PBX  decisions 


should  not  dictate  your  routing, 
switching  and  security  decisions.” 

Many  users  milling  about  on  the 
Interop  show  floor  said  they  were 
taking  this  multi-vendor  ap¬ 
proach  to  solve  problems  in 
some  of  the  hottest  technology 
areas:  wireless,  security  and  con¬ 
vergence. 

“I  take  a  portfolio  approach  to 
choosing  vendors,”  said  Irving 
Tyler,  vice  president  and  CIO  of 
Quaker  Chemical  in  Consho- 
hocken,  Pa.  With  a  mix  of  gear 
from  Avaya,  Cisco  and  Perabit,  he 
built  a  secure  wide-area  VoIP  net¬ 


work  that  lets  remote  offices 
access  centralized  data  centers 
and  IP  PBXs  for  voice. 

“I  look  for  vendors  that  have  a 
robust  technology  and  look  for 
companies  that  are  looking  to 
grow  with  us  and  are  in  it  for  the 
long  run,”  he  said.  “We’re  looking 
for  companies  that  are  hungry 
enough  that  they’re  willing  to 
help  us  with  more  than  just  clos¬ 
ing  a  sale.” 

The  days  of  making  different 
vendors’  switches  or  routers  or 
other  basic  infrastructure  gear 
work  together  are  mostly  done,  as 
many  companies  standardize  on 
one  vendor  for  routing  and 
switching  infrastructure.  But  par¬ 
ticularly  in  the  area  of  locking 
down  wireless  LANs  (WLAN), 
users  at  Interop  were  more  open 
to  shopping  around  for  ways  to 
make  the  airwaves  safe  for  net¬ 
work  traffic  inside  and  outside  of 
corporate  and  governmental 
office  buildings. 

For  Mike  Mataraza,  expanding 
his  wireless  network  at  Parkview 
Health  in  Fort  Wayne,  Ind., 
depends  on  the  availability  of  bet¬ 
ter  bandwidth  management  cap¬ 
abilities,  but  security  features  are 


his  main  concern.  A  Nortel  cus¬ 
tomer,  Mataraza  came  to  Interop 
to  check  out  competing  products 
from  Cisco,  Extreme  Networks 
and  Foundry  Networks. 

“We  have  a  few  wireless  hot 
spots,  but  we  are  looking  to  ex¬ 
pand  our  wireless  throughout  the 
hospital,  and  I  have  to  be  sure  I 
can  secure  the  internal  network,” 
he  says. 

Others  have  been  holding  off 
on  wireless  rollouts  because  of  a 
lack  of  appropriate  security  tools. 

“We  are  waiting  to  find  technol¬ 
ogy  that  can  scan  hardware  and 
make  sure  it  complies 
with  our  parameters 
before  it  is  let  onto  our 
network,”  says  Kevin  Le- 
master,  technology  coordinator  at 
Lemoore  Union  High  School  in 
California.  “Being  a  school,  we 
need  to  be  sure  we  can  keep  the 
wrong  people  out  before  we  get 
into  wireless.” 

Some  attendees  shopping  for 
WLAN  gear  say  they  aren’t  even 
going  to  dabble  in  the  technology 
until  a  vendor  proves  it  can  be 
secured. 

“We  have  no  wireless  because  I 
am  looking  for  security  products 
that  can  address  multiple  areas 
like  prevention,  detection,  rogue 
access  points,  firewalls  and  basi¬ 
cally  anything  that  can  protect 
the  enterprise  network  from  wire¬ 
less  security  risks,”  said  Roberto 
Suarez,  an  engineer  for  the  U.S. 
Army  at  Fort  Huachuca  in 
Arizona. 

For  users  ready  to  pull  the  trig¬ 
ger  on  network  buying  deci¬ 
sions,  the  show  floor  had  plenty 
of  new  gear  from  which  to 
choose  —  from  high-perfor¬ 
mance  switching,  network  man¬ 
agement  integrated  security  and 
wireless  gear,  to  applications 
and  services. 

Foundry  kicked  off  the  week  of 
product  announcements  with 
updates  to  its  10G  Ethernet  switch 
portfolio  —  the  Biglron  RX  switch 
family  The  product  family 
includes  three  chassis  with  four 
redundant  switch  fabrics,  which 
can  scale  to  a  total  of  1 .5T  bit/sec, 
with  support  for  up  to  192  10G 
Ethernet  ports,  768  Gigabit  ports 
or  a  mix  of  speeds. 

“We’re  pleased  with  the  uptake 
in  10  Gig,”  said  Foundry  CEO 
Bobby  Johnson.“It’s  not  Mr.  Small 
I  Businessman  [looking  at  10G], 
l  but  it’s  clustered  computing  appli- 
|  cations,  Internet  exchanges  as 
°  well  as  big  corporate,  university 
f  and  government  backbones.  And 
already  I’m  being  asked  what’s 
beyond  lOG.And  that’s  no  joke.” 

Even  Foundry,  long  focused 
more  on  pure  speed  and  perfor¬ 


mance,  outlined  an  entree  into 
the  security  realm.  Johnson  also 
hinted  at  Foundry’s  upcoming 
security  strategy,  which  will 
involve  new  products  based  on 
the  company’s  deep-packet- 
inspection  technology,  such  as 
Layer  4-7  switching. 

“We’re  not  announcing  any 
security  products  here,  but  stay 
tuned  over  the  next  30  days,” 
Johnson  said.There  will  be  some 
specific,  homegrown  security 
products  coming  from  us  that 
add  value  to  [customer’s]  existing 
security  infrastructure,  doing 
things  it  doesn’t  do  well.  And  over 
time,  migrating  customers  off  of 
an  existing  security  infrastructure 
to  Foundry’ 

Cisco’s  security  addition 

Also  on  the  security  front,  Cisco 
introduced  its  Adaptive  Security 
Appliance  (ASA)  5500,  which 
consolidated  PIX  firewalls,  Cisco 
VPN  3000  concentrators  and  IDS 
4200  appliances  into  one  device. 

“You  don’t  have  to  log  in  and 
out  of  firewalls  and  IDS  devices 
[and  VPN  gear] .  You’re  dealing 
with  just  one  device,”  says  Jay- 
shree  Ullal,  senior  vice  president 
of  Cisco’s  Security  and  Technol¬ 
ogy  Group. 

Cisco  said  the  ASA  5500  can 
integrate  into  a  current  PIX,  VPN 
Concentrator  or  IDS  appliance, 
because  each  service  is  built  on 
chunks  of  code  taken  from  the 
respective  point  product.  Even¬ 
tually,  Cisco  customers  could  mi¬ 
grate  away  from  multiple  boxes 
and  deploy  only  ASAs  at  the  net¬ 
work  edge  and  in  data  centers. 

The  ASA  5500  series  ranges 


from  $3,500  to  $17,000,  and  can 
operate  at  speeds  from  300M  to 
650M  bit/sec.  Cisco  also  launched 
a  new  appliance  that  lets  users 
track  the  location  of  WLAN  cli¬ 
ents  and  devices,  with  its  Wireless 
Location  Appliance  2700,  based 
on  technology  from  Airespace. 

Also  at  the  show,  Expand  Net¬ 
works  announced  a  new  version 
of  its  ExpandView  management 
software,  which  lets  network  man¬ 
agers  administer,  configure  and 
collect  data  from  distributed 
acceleration  appliances.Version  3 
includes  a  mapping  feature  that 
provides  a  topology  of  all  the 
Expand  Accelerator  appliances 
at  remote  and  branch  offices. 
ExpandView  is  installed  on  dedi¬ 
cated  Windows  servers  and  the 
appliances  send  application  traf¬ 
fic  statistics  to  the  software,  which 
now  can  provide  trend  reports  on 
historical  data.  ExpandView  3 
costs  between  $5,000  and 
$45,000. 

Extreme  rolled  out  the  next 
wave  of  its  XOS,  modular-operat¬ 
ing  system  switches  at  the  show 
with  the  Summit  X450,  a  fixed- 
configured  box  with  24  10/100/ 
1000M  bit/sec  ports,  which  can 
communicate  with  an  XOS- 
based  BlackDiamond  switch. 
With  switches  on  this  common 
operating  system  in  the  core  and 
edge,  Extreme  said  the  devices 
can  self-configure,  provision  and 
react  to  threats  by  adjusting  QoS, 
access  control  lists  and  other  set¬ 
tings  on  the  fly  A  language  using 
XML-based  messages  is  the  medi¬ 
um  that  two  XOS  switches  talk  to 
each  other,  Extreme  said.  Pricing 
was  not  released.  ■ 


Network  World  editors  and  Lab  Alliance  members  debated  at  Interop  on 
what  companies  and  technologies  should  survive  Listen  to  their  discussion 
at  www.networkworld.com,  DocFinder:  7052.  Pictured  are  (from  left)  John 
Gallant  Johna  Till  Johnson,  Paul  McNamara,  Mark  Gibbs  and  Joel  Snyder. 
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Middleware  is  Everywhere. 


Can  you  see  it? 
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MIDDLEWARE  IS  IBM  SOFTWARE.  The  powerful  DB2 
Information  Management  Software  Family.  With  industry 
leading  DB2and  Informix® databases,  it’s  the  most  complete 
information  management  solution  available.  Built  on  open 
standards,  it  lets  you  access  content  from  various  sources. 
Integrate  information,  boost  productivity,  stay  compliant.  Plus 
gain  insight  to  make  better  business  decisions.  On  demand. 


1. Takes  virtual  tour  of  vacation  spot. 

2.  Books  flight  with  partner  airline. 

3.  Dispatches  service  automatically. 

4.  Analyzes  schedule  data  dynamically. 

5.  Business  results  reach  new  heights. 


at  ibm.com/middleware/information  DEMAND  BUSINESS 


Middleware  for  the  on  demand  world.  Learn  more 
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eport  VC  telecom  funding  on  the  rise 


In  the  money 

Wireless  and  VoIP  companies  were  among  the  biggest 
money  winners  in  the  first  quarter. 


Company  !  Focus 

Amount  invested 

General  Bandwidth 

VoIP  equipment 

$18  million 

Trapeze  Networks 

Wireless  LANs 

$17,5  million 

Coiubris  Networks 

Wireless  LANs 

$15  million  : 

Picolight 

Optoelectronic 
components  for 
network  equipment 

$13  million 

NanoOpto 

Optical  components  for 
consumer  electronics 
and  network  equipment 

"■  ■  -  '■* 

$13  million 
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SOURCE:  QUARTERLY  VENTURE  CAPITAL  REPORT  BY  VENTUREONE  AND  ERNST  &  YOUNG 

■  BY  CARA  GARRETSON 

It’s  not  exactly  1999  all  over 
again,  but  venture  capitalists  are 
starting  to  show  renewed  interest 
in  certain  network  and  telecom 
niches,  and  investment  revival 
that  could  spawn  more  innova¬ 
tive  products  and  services. 

According  to  the  latest 
Quarterly  Venture  Capital  Report 
released  by  VentureOne  and 
Ernst  &  Young,  there  were  68  in¬ 
vestments  in  communications 
companies  during  the  first  quar- 
ter.That  level  hasn’t  been  reached 
in  more  than  two  years,  although 
it  is  still  far  from  the  226  invest¬ 
ments  made  during  the  third 
quarter  of  2000.  The  report 
defines  these  companies  as  com¬ 
munications  device  makers  and 
service  providers. 

The  communications  sector 
fared  better  during  the  first  quar¬ 
ter  than  overall  investments  in  IT 
companies,  which  at  290  deals 
represented  the  lowest  level  since 
the  third  quarter  of  2003. 

“We’re  seeing  a  spike  in  the 
communications  sector . . .  enter¬ 
prises  are  spending,  carriers  are 


spending  and  that’s  driving  more 
interest  into  the  start-up  market¬ 
place,”  says  Robb  Browne,  an 
Ernst  &  Young  partner  who  over¬ 
sees  the  firm’s  venture  capital 
advisory  group  for  Silicon  Valley 

Investors,  many  of  whom  got 
burned  at  the  beginning  of  the 
decade  pouring  cash  into  com¬ 
munications  companies  that 
didn’t  make  it,  now  are  tentatively 
testing  the  waters  in  certain  sec¬ 
tors.  Many  name  wireless  and 
VoIP  products  and  services  as  hot 
areas,  evidenced  by  the  top  three 
investment  deals  of  the  first  quar¬ 
ter,  as  well  as  certain  segments  of 
the  optical  component  arena. 

Yet  perhaps  it  was  the  roller 
coaster  ride  investors  took  with 
communications  start-ups  just  a 
few  years  ago  that  has  made 
many  of  them  sensitive  to  so- 
called  hot  markets. 

“This  is  a  great  time  to  be  invest¬ 
ing  in  communications,  but  also  a 
very  selective  time,”  says  David 
Britts,  a  partner  with  ComVen- 
tures.“We  are  looking  for  more 
off-the-beaten-path  [opportuni¬ 
ties]  and  are  trying  to  avoid  the 
overfunded.  Clearly  Wi-Fi  is  an 


area  where  certainly  some  will 
make  a  lot  of  money,  but  there’s 
also  going  to  be  a  lot  of  roadkill.” 
ComVentures  currently  prefers  to 
invest  in  technology  related  to 
wireless  networks  such  as  billing 
systems  for  wireless  carriers,  secu¬ 
rity  products  for  small  and  mid¬ 
size  businesses,  and  video. 

Over  the  past  year  Britts  has 
seen  the  quality  of  deals  with 
communications  companies  im¬ 
prove  in  large  part  because  man¬ 
agement  teams  today  have  been 
around  longer  and  therefore 
companies  are  better  run. 

William  Quigley,  managing 
director  with  Clearstone  Venture 
Partners,  calls  investing  in  com¬ 
munications  a  mixed  bag. 

One  area  that  interests  Quigley 
is  VoIP  mobility,  the  concept  of 
linking  Wi-Fi  and  cellular  net¬ 
works  so  that  cell  phones  can 
roam  on  these  wireless  networks. 
There  are  technical  hurdles  to 
clear  in  making  this  technology 
work,  he  says,  and  adds  that  there 
are  at  least  a  dozen  products  com¬ 
ing  out  soon  that  attempt  to  do  so. 
“It  never  will  be  a  S  100-billion 
market  like  Ethernet  switches,  but 


I  suspect  it  will  be  several  billion 
dollars, and  for  the  communica¬ 
tions  industry  that’s  very  good, 
given  what’s  been  going  on  in  the 
last  few  years,”  he  says. 

Another  area  of  interest  to 
Quigley  is  micro  multiservice-pro- 
visioning  platforms  that  sit  close 
to  customer  sites  to  route  multi¬ 
protocol  traffic.“This  has  been  an 
area  where,  in  spite  of  other  cuts 
in  spending,  service  providers 
realize  they  need  to  continue  to 


invest,”  he  says.  His  firm  is  looking 
at  start-ups  that  build  chips  to 
power  such  boxes  or  software  to 
manage  them. 

Investor  focus  on  new  commu¬ 
nications  technologies  means 
businesses  can  expect  to  see 
more  products  and  services  cov¬ 
ering  an  array  of  areas,  instead  of 
multiple  me-too  offerings. 

“In  the  enterprise,  things  that  are 
exciting  to  people  are  not  just  the 
next  generation  of  high-band¬ 
width  switches,”  says  Peter 
Wagner,  general  partner  with 
Accel  Partners.  “It’s  more  likely  to 
be  companies  that  are  defining 
some  new  category  of  enterprise 
infrastructure  having  to  do  with 
virtualization  or  application  deliv¬ 
ery  or  wireless  LANs.” 

Yet  not  everyone  agrees  that 
communications  is  making  a 
comeback.  According  to  the 
MoneyTree  Report,  a  quarterly 
survey  of  venture  capital  invest¬ 
ments  performed  by  Pricewater- 
houseCoopers  (PwC),  Thomson 
Venture  Economics  and  the 
National  Venture  Capital  Associ¬ 
ation,  deals  in  the  telecom  and 
network  industries  added  up  to 
58  and  47,  respectively 

These  figures  can’t  accurately 
be  compared  to  those  from  the 
VentureOne  report  because  each 
survey  defines  the  communica¬ 
tions  category  differently  None¬ 
theless,  the  MoneyTree  Report 
found  telecom  and  networking 
are  continuing  on  their  down¬ 
ward  trend. 

“MoneyTree  shows  that  interest 
in  the  telecommunications  and 
networking  industries  continues 
at  low  levels,”  says  Kirk  Walden, 
national  director  of  venture  cap¬ 
ital  research  at  PwC.“There  is  no 
sign  yet  of  a  resurgence  in  these 
industries,  regardless  of  stage  of 
company  development.”* 


Compliance,  automation  fueling  interest 


■  BY  JOHN  FONTANA 

Corporate  requirements  to  adhere  to  com¬ 
pliance  regulations  and  a  need  to  automate 
and  secure  electronic  inter¬ 
action  among  partners  are 
the  major  issues  driving  in¬ 
terest  in  identity  manage¬ 
ment,  according  to  users 
and  analysts. 

Those  issues,  along  with 
others  focused  on  privacy, 
trust,  federation  and  rights 
management,  are  the  high¬ 
lights  of  this  week’s  Digital 
ID  World  conference  in  San 
Francisco. 

While  identity  manage¬ 
ment  has  focused  mostly 
on  IT  tools  such  as  directo¬ 
ries,  single  sign-on  and  password  manage¬ 
ment,  observers  say  businesses  are  starting  to 
realize  how  important  identity  is  becoming 
in  risk  management  plans.  Experts  say  aware¬ 
ness  will  accelerate  adoption  of  identity 
management. 

“There  is  an  awareness  occurring  among 
business  folks  that  security  is  not  baked  into 
infrastructure  and  applications,  and  that  iden¬ 
tity  and  access  management  play  a  key  role 
and  serve  as  a  cornerstone  for  applying  con¬ 
trols  to  address  information  security  and 


[compliance]  auditing  issues,”  says  Earl 
Perkins,  an  analyst  with  Gartner,  who  will  lead 
a  panel  on  compliance  auditing  at  the  con¬ 
ference.  “They  finally  understand  this  is  all 
part  of  risk  management, 
and  I  view  that  as  a  sign 
that  identity  management 
is  taking  a  more  rightful 
place  in  the  minds  of  busi¬ 
ness  folks.” 

However,  Perkins  and  oth¬ 
ers  realize  that  the  technol¬ 
ogy  issues  are  not  yet 
solved.  In  March,  Oracle’s 
acquisition  of  Oblix  was 
widely  seen  as  the  end  of 
vendor  consolidation  and 
the  start  of  a  new  task  for 
vendors  developing  iden¬ 
tity  platforms,  including 
BMC  Software,  Computer  Associates,  HP  IBM, 
Microsoft,  Novell,  Sun  and  RSA. 

“All  the  platform  players  have  the  pieces  that 
they  think  they  need  or  wanted  to  bujf  says 
Jamie  Lewis,  president  of  Burton  Group,  who 
will  deliver  a  keynote  speech  at  the  confer¬ 
ence.  “But  these  suites  are  suites  in  brand 
name  only  The  vendors  have  a  lot  of  work  to 
do  creating  products  that  don’t  overlap,  that 
are  tightly  integrated  on  features  and  function¬ 
ality,  that  have  a  consistent  management  plat¬ 
form  and  are  all  tied  together  in  a  package  that 


can  be  exposed  through  development  tools.” 

Lewis  says  another  major  step  is  getting  those 
disparate  suites  to  interoperate  using  standard 
protocols. 

A  panel  discussion  at  the  conference  on  con¬ 
vergence  of  federated  identity  protocols,  one 
of  the  most  contentious  areas  of  debate 
around  identity  standards,  will  feature  the 
Liberty  Alliance,  IBM,  Microsoft,  RSA  and  Sun. 

“Standard-based  identity  policy  and  security 
interoperability  is  critical  to  all  our  members 
operating  in  complex  multi-vendor,  multi¬ 
national  environments,”  says  Fred  Wettling, 
chairman  of  the  Network  Applications  Con¬ 
sortium,  an  end-user  group  “One  of  the  IT  chal¬ 
lenges  is  how  do  I  reduce  the  labor  burden 
that  has  been  foisted  on  people  by  mandates 
such  as  Sarbanes-Oxley  in  order  to  become 
compliant?  We  need  to  figure  out  how  we  can 
automate  and  this  is  an  area  where  standards- 
based  interoperability  is  ke/ 

In  addition  to  those  issues,  a  handful  of  ven¬ 
dors  are  expected  to  announce  products.  RSA 
plans  to  introduce  Reporting  and  Compliance 
Manager,  which  provides  analysis  on  the  logs 
generated  by  RSAs  access  management  plat¬ 
form  ClearTrust.The  reports  focus  on  adher¬ 
ence  to  policy  policy  changes,  user  activity  and 
intrusion  attempts.  Epok  plans  to  unveil  the 
next  version  of  its  Trusted  Data  Exchange 
Server,  which  will  include  features  for  integrat¬ 
ing  identity  management  systems.* 


By  the  end  of  2007, 
Gartner  predicts 
that  nearly 


of  companies  will  have 
deployed  or  be  piloting 
projects  that  will 
include  federated  iden¬ 
tity  services. 
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Keeping  critters  at  bay 

Methods  for  animal-proofing  your  network,  according  to 
pest  control  experts: 


Protect  cabling  in  metal  sheating  or  PVC  ducts. 

Minimize  food  in  data  centers.  Even  though  many  data  centers 
are  physically  secured,  some  rodents  only  need  a  pencil-size 
hole  to  sneak  in. 

Keep  outside  cabling  away  from  spots  where  animals  can  climb 
or  jump. 

Avoid  gizmos,  such  as  ultrasonic  machines. 

Enlist  exterminators  to  do  proactive  building  inspections. 


Animals 

continued  from  page  1 

customers’  phones  to  go  quiet 
as,  well,  the  mice.The  company 
squarely  laid  the  blame  at  the 
tiny  paws  of  rodents  that  the 
Swedes  call  sorks. 

The  outages  were  maddening 
in  that  they  were  caused  by  the 
animals  gnawing  through  fiber¬ 
optic  cables  after  shimmying 
through  2-centimeter-wide  gaps 
between  cement  valves  and 
locks  designed  to  protect  the 
phone  lines  from  animals  and 
forces  of  nature,  says  Arne 
Duvberg,  chief  technician  at 
Flextronics  Network  Sendees,  a 
company  that  maintains  Telia- 
Sonera’s  networks  in  the  region. 

And  don’t  even  get  him  started 
on  birds. 

“We  have  to  send  out  service 
men  on  a  daily  basis  to  take  care 
of  the  damage  being  made  by 
the  woodpeckers,”  he  says. 

TeliaSonera  by  far  wasn’t  the 
first  network  operator  to  get 
caught  in  a  mousetrap  and  won’t 
be  the  last.  Just  how  common 
animal  attacks  on  networks  are, 
though,  is  hard  to  pinpoint.  One 
estimate,  cited  by  author  Robert 
Sullivan  in  his  2004  book  “Rats” 
(in  which  he  monitors  a  New 
York  City  alley  for  a  year),  is  that 
18%  of  all  phone-cable  disrup¬ 
tions  are  caused  by  rats.  But  oth¬ 
ers  say  the  frequency  of  animal- 
related  damage  is  much  lower. 
AT&T,  for  example,  figures  less 
than  1%  of  all  its  outages  are 
caused  by  rodents. 

Despite  the  shortage  of  statis¬ 
tics,  anecdotal  evidence  of 
nature  vs.  network  run-ins 
abounds: 

•  In  the  past  few  years,  rats  have 
been  blamed  for  chewing 
through  fiber-optic  cables  in  loca¬ 
tions  as  varied  as  Ontario  and 
India,  leaving  hundreds  of  thou¬ 
sands  of  customers  without 
Internet  or  phone  service. 

•  A  data  center  at  Stanford 
University  in  the  mid-1990s 
switched  to  back-up  generators 
after  a  squirrel  blew  out  the 
main  transformer. The  rodent’s 
charred  remains  were  found 
hours  later,  exposed  by  its  pun¬ 
gent  odor. 

•  Texas  Tech  University  re¬ 
searchers  have  cited  red,  import¬ 
ed  fire  ants  as  being  network 
troublemakers  as  far  back  as 
1939,  when  Southwestern  Bell 
Telephone  reported  problems  in 
Galveston, Texas. 

•  AT&T  and  other  telecom 
companies  and  equipment  mak¬ 
ers  seeking  ways  to  protect  their 
networks  and  products  from 


pocket  gophers’  choppers  drew 
fire  from  animal  rights  activists  in 
the  mid-1990s  for  paying  U.S.  gov¬ 
ernment  researchers  over  two- 
plus  decades  to  trap  the  animals, 
cage  them  and  watch  them 
gnaw  on  cables  strung  within  the 
cages.  Such  cable-durability  tests 
have  since  been  halted. 

•  Owners  of  underwater  cables 
have  had  to  make  their  links 
shark  resistant  after  suffering  out¬ 
ages  caused  by  fish  bites. 

Rodents  are  considered  espe¬ 
cially  threatening  to  network 
cabling. 

“Rodents  and  wire  damage  go 
hand  in  hand,” says  Bobby  Cor¬ 
rigan,  a  pest  control  expert  in 
Indiana  who  calls  himself  an 
urban  rodentologist. 

And  it’s  not  that  the  animals 
are  bent  on  having  a  high  fiber¬ 
optic  diet,  either.  Eric  Spinner, 
pest  control  operator  for  Maven 
Best  Management  in  New  Hyde 
Park,  N.Y,  explains  that  rodents 
gnaw  on  wires  and  other  chew- 
able  objects  to  grind  down  their 
incisors. 

“Failure  to  do  so  will  allow 
them  to  grow  long  and  actually 
occlude  their  lower  jaws  to  the 
point  where  they  can’t  open 
their  mouths  to  eat,”  he  says. 

Telcordia,  which  crafts  specifi¬ 
cations  used  by  carriers  and 
equipment  makers,  tests  for  the 
hardness  of  cables  and  equip¬ 
ment  enclosures,  and  recom¬ 
mends  cabling  be  protected  in 
covering  with  at  least  a  1-  or  2- 
inch  radius  to  prevent  certain 
animals  from  wrapping  their 
jaws  around  it. 

Ernie  Gallo,  director  of  telecom 
services  at  Telcordia,  says  the 
increased  use  of  fiber-optic 
cabling  has  forced  carriers  to 
pay  more  attention  to  network 
protection,  given  that  the  outage 
of  a  single  fiber  connection  can 
mean  many  more  businesses 
and  individuals  will  be  affected 
than  they  will  when  they  are  old 
copper  links  go  down. 

Protecting  networks  from  ani¬ 


mals  isn’t  only  about  keeping  up 
communications  links.  It’s  also 
about  safeguarding  field  techni¬ 
cians  who  work  on  the  lines. 
Requirements  are  followed  in 
designing  equipment  enclosures 
that  are  meant  to  keep  insects 
such  as  wasps  from  building 
nests  within  them,  Gallo  says. 

Efforts  such  as  covering  cables 
with  pepper  spray  have  been 
made  over  the  years  to  discour¬ 
age  cable-chewing,  Gallo  says. 
Although  he  emphasizes  that 
sticking  to  the  basic  Telcordia 
specifications  can  greatly 
reduce,  if  not  eliminate,  animal 
interference. 

Jay  Adelson,  CTO  and  co¬ 
founder  of  Equinix,  a  provider 
of  data  centers  and  Internet  ex¬ 
change  services,  says  a  massive 
rodent-eradication  program  is 
one  of  the  first  things  his  com¬ 
pany  does  when  building  a 
data  center. 

“We  make  sure  we  quarantine 
off  the  building  with  steel  walls 
and  find  any  point  of  entry  and 
seal  it  up,”  he  says. 

While  outside  cabling  is  com¬ 
monly  sheathed  in  metal  to 
avoid  animal  or  other  damage, 
armoring  cable  within  a  data 
center  can  greatly  limit  the  flexi¬ 
bility  of  cable  that  might  need  to 
be  moved  often,  he  cautions. 
Cabling  company  experts  also 
say  that  armoring  wires  can  as 
much  as  double  the  cost,  so 
careful  risk  vs.  cost  assessments 
must  be  done. 

Stuart  Aust,  for  15  years  the 
owner  of  Bug  Doctor  in 
Paramus,  N.J.,says  his  company 
has  helped  to  protect  enterprise 
networks  by  putting  bait  sta¬ 
tions  outfitted  with  “rodentcide” 
under  raised  floors  in  computer 
rooms.“We  provide  a  deodor¬ 
izer  as  well,”  he  says,  for  those 
cases  where  rodents  die  and 
aren’t  discovered  right  away. 

Of  course,  even  the  best  efforts 
to  animal-proof  networks  aren’t 
always  successful. 

“Data  centers  might  seem 


secure,  but  if  there  is  any  hole 
—  if  you  can  put  a  pencil 
through  it  —  then  a  mouse  can 
get  through  it,”  says  Greg 
Baumann,  technical  director  for 
the  National  Pest  Management 
Association. 

Data  centers  generally  provide 
three  things  rodents  need:  food, 
water  and  safe  harbor.“While 
companies  might  not  encourage 
bringing  food  into  these  climate- 
controlled  spaces,  there  is  always 
the  leftover  birthday  cake  or 
emergency  granola  bars,”  he  says. 

And  once  critters  get  into  a 
data  center,  even  armoring  cable 
will  not  necessarily  stop  them 
from  damaging  wires  or  getting 
into  electrical  systems  that 
power  networks,  says  Steven 
Elmore,  an  applications  engineer 
with  cable  maker  CommScope. 

“It  will  just  slow  them  down,”  he 
says.Tve  actually  seen  armored 
cable  chewed  through.” 

New  animal  control  methods 
are  always  in  the  works,  says 
Michael  Conover,  director  of  the 
Berryman  Institute^  national 
organization  focused  on  resolv¬ 
ing  human-wildlife  conflicts. 

“We  have  been  doing  research 
on  impregnating  a  rodent  repel¬ 
lent  into  the  plastic  covering  of 
cables,”  he  says.“While  this 
approach  works  in  the  short¬ 
term,  it  is  too  early  to  tell  if  it  is  a 
long-term  solution.” 

You  might  think  the  shift  from 
wire-based  to  wireless  networks 
might  give  animals  less  to  chew 
on  going  forward,  but  that’s  not 
necessarily  the  case.“There  are 
still  a  lot  of  wires  in  wireless 
networks,”  CommScope’s 
Elmore  says. 

Meanwhile,  network  profes¬ 
sionals  say  it  actually  isn’t  the 
rats,  ants  and  gophers  that  have 
them  most  concerned.  When 
Flextronics’  Duvberg  was  asked 
to  point  out  the  most  harmful 
animal  he  answers  quickly: 
“Homo  sapiens.  When  an  excava¬ 
tor  causes  problems,  one  thing  is 
for  sure:  The  problems  are  big.” 

Bostrom  is  a  reporter  with  IDG 
News  Service  in  Sweden. 


Got  great  ideas 


■  Got  a  suggestion  for  a 
Wider  Net  story?  An  offbeat 
network  industry-related 
topic?  A  fascinating  personal¬ 
ity  we  should  profile?  Contact 
Bob  Brown  with  your  ideas  at 
bbrown@nww.com. 
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Sun  stumbles  with  grid  rollout 


■  BY  ROBERT  MCMILLAN 

SAN  FRANCISCO  —  Sun  has  delayed 
the  rollout  of  its  Sun  Grid,  an  Internet- 
based  utility  service  that  has  been  under 
development  since  late  last  year. 

A  lack  of  computing  resources  has 
pushed  back  the  public  launch  of  Sun 
Grid,  originally  slated  to  go  live  in  the  first 
few  months  of  2005,  to  as  late  as  July,  Sun 
executives  say. 

An  early  access  version  of  Sun  Grid  is 
available  to  certain  Sun  customers,  but  a 
number  of  recent  large-scale  grid  deploy¬ 
ments  have  forced  Sun  to  divert  systems 
that  were  to  be  used  for  the  public  site, 
says  Aisling  MacRunnels,  senior  director 
of  utility  computing  with  Sun. 

“We  can’t  open  that  up  until  we  have  a 
substantial  number  of  CPUs  behind  it,” she 
says  of  the  Sun  Grid  Web  site.“All  of  those 
CPUs  that  we  thought  were  going  to  be 
[used]  are  being  reallocated  to  a  very 
large  number  of  banks.” 

MacRunnels  declined  to  provide  the 
names  of  any  Sun  Grid  customers,  but 
says  that  the  first  such  announcements 
would  be  made  within  30  days. 

Just  like  power  and  water 

When  it  becomes  publicly  available,  Sun 
Grid  is  expected  to  operate  like  a  power 
or  water  utility  It  will  deliver  raw  comput¬ 
ing  and  storage  capacity  at  the  flat  rate  of 
$1  per  CPU,  per  hour,  and  $1  per  gigabyte, 
per  month.  Sun  Grid  resources  are  even 
expected  to  be  traded  as  a  commodity  on 
the  Archipelago  Holdings  electronic 
exchange,  the  company  has  said. 

Three  regional  centers,  based  in  Virginia, 
New  Jersey  and  London,  have  been  set  up 
to  power  the  Grid,  and  the  company  is 
working  on  more  than  30  proof-of-con- 
cept  projects  with  companies  in  the  finan¬ 
cial  services,  petroleum  and  entertain¬ 
ment  industries. 

Sun  had  hoped  to  operate  six  regional 
centers  at  this  point,  but  technical  and 
logistical  issues  have  prevented  this  from 
happening,  MacRunnels  says. 

According  to  analysts,  the  Santa  Clara 
computer  maker  has  lagged  behind  rivals 
HP  and  IBM  in  delivering  utility-type  ser¬ 
vices  such  as  Sun  Grid,  which  lets  cus¬ 
tomers  connect  to  remotely  managed 
servers  and  pay  only  for  the  resources  that 
they  use.  But  the  publicly  available  Sun 
Grid  has  been  promoted  as  something 
quite  different  from  HP  or  IBM’s  utility 
products,  which  are  normally  customized 
offerings  built  for  large  companies. 

Legal  issues 

Sun  also  still  is  hammering  out  a  number 
of  legal  and  business-related  issues  as  it 
tries  to  make  Sun  Grid  available  to  all, says 
Dan  Hushon,  chief  technologist  of  strategic 
development.  “This  really  comes  down  to 
what  is  the  market  willing  to  bu>f  he  says. 
“The  last  thing  we  want  to  do  is  put  some¬ 
thing  out  there  that  nobody  wanted  to  buy’ 


To  add  to  Sun  Grid’s  woes,  the  executive 
overseeing  the  project  resigned  two  weeks 
ago.RobertYoungjohns.who  was  executive 
vice  president  of  Sun’s  strategic  develop¬ 


ment  financing  group,  left  to  take  a  job  as 
president  and  CEO  of  San  Jose  company 
Callidus  Software.  Sun’s  former  vice  presi¬ 
dent  of  Wall  Street  Technologies,  Stuart 


Wells,  replaced  Youngjohns. 

McMillan  is  a  correspondent  with  the  IDG 
News  Service. 


I  convinced  my  boss  to  get 
this  big  honkin’  collaboration 
infrastructure  only  a  genius 
like  me  could  ever  use. 
Check  it  out  on  my  blog 
at  www.frankwillis.com 


-  Frank  Willis 


-r  Ipswitch  Collaboration  Suite,  the  solution  for  small 

IPS  W  ITCH  * 

Collaboration  Suite  and  mid-sized  business  collaboration  that  just  works. 

Use  Microsoft® Outlook®  or  your  browser  to  connect 
to  a  powerful  industry-leading  messaging  sewer.  Communicate  in  real  time  with  anyone 
in  your  company  using  secure  instant  messaging.  Streamline  group  collaboration  with 
shared  calendars  and  free-busy  meeting  scheduling.  Reduce  junk  e-mail  and  stop 
viruses.  All  this,  and  Ipswitch  Collaboration  Suite  is  easy  to  install,  manage  and  use. 
Play  it  “safe”  like  Frank.  Or  be  smart.  Go  to  www. i pswitch . com  and  find  success 
with  Ipswitch  Collaboration  Suite. 


■  Smart 


■  Proven 


■  Reliable 


■  60  million 

mailboxes  worldwide 


www.ipswitch.com  or  call  800-793-4825  /A 

>•  tt'l  ii’fk  ,  V 


©2005  Ipswitch,  Inc.  All  product  names  are  the  property  of  their  respective  owners. 


mP  YOUR  CUSTOMERS  GET  BACK 
PRECIOUS  COMMODITY 


Who  doesn’t  want  to  save  time  and  money?  Avocent  KVM  and  remote  management  technologies  help  IT  departments 
centralize  control  of  servers,  serial  and  power  devices,  all  from  a  single  interface.  Imagine  -  instant,  console  level  access 
to  servers  and  other  IT  devices.  It  may  just  be  one  of  the  reasons  our  DSView®  3  management  software  won  the 
prestigious  VARBusiness  MidMarket  Products  of  the  Year  award.  In  addition  to  time  savings,  Avocent  solves  real  problems 
for  IT  departments  every  day: 

•  Securely  manage  servers  in  data  centers  AND  branch  offices 

•  Save  time  and  money  with  centralized  control  and  instant  access 

•  Minimize  time  spent  on  Sarbanes  Oxley  and  HIPAA  compliance  reporting  with  audit  logs 
and  advanced  reporting 


AvocenL 

The  Power  of  Being  There® 


With  Avocent,  time  is  on  your  side.  Don't  delay  another  second  -  take  a  virtual  tour  at  www.avocent.com/control 
or  call  us  at  1-866-286-2368. 


Avocent,  the  Avocent  logo,  DSView  and  The  Power  of  Being  There  are  trademarks 
of  Avocent  Corporation,  All  other  marks  are  the  property  of  their  respective 
owners,  ©  Copyright  2005  Avocent  Corporation. 
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Juniper  revamps  security  gear 

Intrusion-detection  added  to  currentfamily  of  firewall/VPN  devices. 


Juniper's  ISG 1000  device,  left,  supports  two  slots  for  IDP  cards  and  firewall  speeds  up  to  1G 
bit/sec.  The  ISG  2000  supports  2G  bit/sec  firewall  speeds  and  three  IDP  slots. 


■  Dell  is  offering  a  line  of  LAN  switch¬ 
es  that  gives  users  management  capa¬ 
bilities  at  a  price  that  the  company 
says  is  lower  than  the  cost  of  its 
unmanaged  switches.  The  Power- 
Connect  2700  Series  switches  cost 
as  little  as  $16  per  managed  Gigabit 
Ethernet  port.  The  Layer  2  switches 
can  be  deployed  as  unmanaged 
switches  out  of  the  box.  The  series  in¬ 
cludes  the  eight-port  PowerConnect 
2708,  the  16-port  PowerConnect  2716 
and  the  24-port  2724  starting  at  $139, 
$269  and  $369,  respectively. 

■  Enferasys  Networks  last  week 
said  it  would  trim  300  people,  or  30% 
of  its  workforce,  in  an  attempt  to 
reduce  quarterly  expenses  by  be¬ 
tween  $10  million  and  $13  million. The 
company  attributed  the  layoffs  to 
lower-than-expected  sales  in  North 
America  and  Europe.  The  router  ven¬ 
dor  recently  reported  that  its  net  rev¬ 
enue  for  the  first  quarter  of  2005  was 
$80.6  million,  compared  with  net  rev¬ 
enue  of  $90.5  million  in  the  fourth 
quarter  of  fiscal  2004. 

■  AirUght  last  week  unveiled 
SpectraGuard  Enterprise  3.0  a 

wireless  intrusion-prevention  system 
that  runs  server  software  on  an 
AirTight  Linux-based  appliance,  col¬ 
lecting  radio  frequency  data  from  sen¬ 
sors  scattered  over  an  office  or  cam¬ 
pus  to  listen  for  radio  transmissions. 
The  sensors  are  802.11b/g  with  radios 
configured  to  only  receive  signals,  and 
usually  are  tweaked  to  cover  a  wider 
area  than  a  standard  wireless  LAN 
access  point.  Version  3  software  now 
can  detect  more  than  one  threat 
mounted  against  a  specific  sensor.  In 
the  past,  when  a  sensor  detected  a 
rogue  transmission,  it  would  zero-in  on 
that  threat.  While  the  sensor  was 
occupied,  that  part  of  the  network  was 
vulnerable  to  a  second  attack. 
SpectraGuard  now  can  detect  and 
take  actions  against  eight  different 
types  of  RF  threats.  A  SpectraGuard 
Enterprise  3.0  starter  kit  with  the  serv¬ 
er  appliance  and  four  sensors  to  cover 
about  100,000  square  feet  costs  about 
$10,000.  Additional  sensors  are  $795. 


■  BY  TIM  GREENE 

Juniper  is  adding  intrusion  detection  to 
one  of  its  firewall/VPN  devices  and 
revamping  its  line  of  stand-alone  intrusion- 
detection  gear,  making  it  possible  for  busi¬ 
nesses  to  streamline  network  administra¬ 
tion  by  deploying  fewer  boxes. 

The  company  last  week  announced 
hardware  blades  for  its  ISG  2000  firewall/- 
VPN  appliance  that  supports  its  intrusion- 
detection  and  -prevention  (IDP)  software. 
The  box  has  three  slots  for  the  blades, 
which  do  all  the  processing  for  the  IDP  soft¬ 
ware  so  it  doesn’t  sap  the  main  CPU  that 
handles  the  firewall  and  VPN  processing. 

Adding  IDP  puts  the  ISG  2000  in  the  same 
category  as  Crossbeam,  Fortinet  and 
3Com’s  TippingPoint  Technologies  gear, 
says  Jim  Slaby  an  analyst  with  The  Yankee 
Group.  And  the  company  says  it  likely  will 
come  out  with  software  to  support  other 
security  functions  such  as  anti-virus. 

Fully  loaded,  the  box  is  suitable  for  pro¬ 
tecting  a  data  center,  with  2G  bit/sec  fire¬ 
wall  protection,  1G  bit/sec  VPN  encryption 
and  up  to  2G  bit/sec  of  IDP  throughput. 

The  IDP  blades  process  only  those  pack¬ 
ets  for  which  customers  have  set  IDP  poli¬ 
cies.  For  example,  the  main  processor 
might  identify  signaling  packets  for  a  VoIP 
phone  call  and  have  it  run  through  an  IDP 
check  looking  for  an  attack.  But  when  it 
identifies  a  VoIP  payload  packet  that  con¬ 
tains  only  voice  content,  it  could  pass  it 
through  without  IDP  inspection  because 
there  are  no  known  voice  payload  attacks. 

Juniper  is  announcing  a  second  multi¬ 
slot  firewall/VPN/IDP  device  called  ISG 
1000.  It  has  only  two  slots  for  IDP  cards,  and 
its  top  firewall  speed  is  1G  bit/sec.  The  IDP 
cards  are  not  available  yet. 

Juniper  also  is  announcing  six  new 
appliances  that  only  perform  IDP  The 
boxes  will  replace  older  Juniper  IDP 
devices  that  will  be  phased  out  over  the 
next  two  quarters.  The  devices  are  the  IDP 
50,  IDP  200,  IDP  600  C  (with  copper  Gigabit 
Ethernet  interfaces),  IDP  600  F  (with  fiber 
Gigabit  Ethernet  interfaces),  IDP  1100  C 
and  IDP  1100  FThey  range  in  through  put 
from  50M  to  1G  bit/sec. 

Along  with  the  IDP  hardware,  Juniper  is 
releasing  a  new  version  of  its  IDP  software 
that  adds  the  capability  to  screen  for 
attacks  that  violate  Session  Initiation  Pro¬ 
tocol,  making  the  software  suitable  to 
guard  against  attacks  on  VoIP  and  video. 


The  IDP  software  checks  with  Junipers  net¬ 
work  daily  to  download  newly  found 
attack  signatures,  including  spyware. 

The  software  also  lets  users  run  sus¬ 
pected  attacks  in  a  protected  environment 
to  determine  whether  they  are  actual 
attacks.  This  helps  reduce  the  number  of 


false  positives,  the  company  says. 

The  stand-alone  IDP  devices  cost  from 
$9,000  for  the  IDP  50  to  $65,000  for  the  IDP 
1 100  F  The  price  range  for  the  ISG  2000  is 
$40,000  to  $55,000  for  firewall/VPN  capa- 
bilities.An  IDP  license  costs  $6,000  and  the 
IDP  cards  cost  $12,000  each.  ■ 


Juniper,  Avaya  agree  to  expand  joint 
i  development  partnership 


I NTE  ROP2005 


Juniper  and  Avaya  said  last  week 
they  intend  to  tighten  their  part- 
nershipto  include  joint  product 
development  as  well  as  resale  and  sup¬ 
port  of  each  other's  products. 

Under  their  current  relationship,  the 
companies  have  integrated  some  of 
their  products  into  systems  for  channel 
partners  to  sell 
and  have  worked 
together  on 
some  major 

deployments.  Under  the  new  relation¬ 
ship,  outlined  in  a  memorandum  of 
understanding  (MOU),  Juniper  and 
Avaya  would  develop  new  products 
that  might  carry  either  company's 
brand.  Each  company's  sales  team  also 
would  be  able  to  sell  and  support  the 
other  partner's  products  worldwide, 
says  Tony  Scarf  o,  vice  president  of 
business  development  at  Juniper. 

Details  of  the  MOU,  including  what 
types  of  products  the  companies  will 
jointly  develop,  still  are  being  worked 
out,  Scarfo  says.  The  partnership  is 
subject  to  the  parties  signing  definitive 
agreements.  The  partnership  is  not 
exclusive,  according  to  Scarfo  and 
Avaya  spokesman  Jonathan  Varman. 

Avaya,  which  was  spun  off  from 
Lucent  in  2000,  has  similar  partnerships 


with  other  network  vendors  such  as 
Extreme  Networks.  The  agreement 
with  Juniper  was  announced  as  Avaya 
introduced  updates  to  its  IP  PBX  fam¬ 
ily  at  the  Interop  trade  show  in  Las 
Vegas. 

The  planned  partnership  would  be 
the  first  of  its  kind  for  Juniper  in  the 
enterprise  mar¬ 
ket.  The  router 
company,  the  pri¬ 
mary  rival  to 
Cisco  for  carrier  core  routers,  has 
strategic  partnerships  with  Lucent, 
Siemens  and  Ericsson  for  carrier  prod¬ 
ucts,  says  Juniper  spokeswoman 
Susan  Ursch.  Lucent  last  week 
announced  it  will  resell  Juniper  routers 
to  BT  Group  for  its  so-called  21st 
Century  Network. 

Juniper  in  recent  years  has  expanded 
its  scope  to  enterprise  routing  and  last 
year  expanded  into  firewall  and  VPN 
technology  by  buying  NetScreen 
Technologies.  Both  partners  face 
Cisco  as  a  competitor  in  their  respec¬ 
tive  enterprise  product  categories, 
extending  from  routers  to  IP  phones. 

The  deal  probably  will  be  final  by  the 
end  of  the  quarter.  Ursch  says. 

—  Stephen  Lawson,  IDG  News  Service 
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For  all  of  the  high-profile  “Broadband 
VoIP”  advertising  we’re  being  inun¬ 
dated  with  of  late, you’d  think  that  the 
major  differentiators  between  leading 
contenders  fall  into  just  two  categories: 
bells  &  whistles,  and  price.  But  what  about 
voice  quality?  Does  it  matter  anymore? 

A  quick  review  of  the  home  pages  of 
high-profile  VoIP  services  Lingo  (Primus), 
VoiceWing  (Verizon)  and  Vonage  (at  this 
writing)  throw  more  features  and  pricing 
information  than  you  can  possibly  absorb 
but  not  one  of  the  three  ever  makes  refer¬ 
ence  to  voice  quality 
Why  might  that  be?  Can  they  consider 
the  concept  so  esoteric  that  it  is  above 
the  average  consumer  at  whom  their 
sites  are  targeted?  Hardly  Then  perhaps 
they  don’t  mention  it  because  they’ve 
determined  that  it  is  not  a  factor  in  ser¬ 
vice  selection  —  that  it  simply  is  not  a 
differentiator. 

While  some  would  say  that  cell  phones 
have  lowered  our  expectations  when  it 
comes  to  voice  quality  (and  1  wouldn’t 
disagree),  I  don’t  think  anyone  would  say 


Pillars  of  VoIP  service  -  bandwidth,  architecture 


it  doesn’t  matter.  In  the  case  of  cell  phones 
—  and  despite  claims  of  great  coverage 
implied  by  the  “can  you  hear  me  now?” 
ads  —  it’s  virtually  axiomatic  that  every 
user  will  experience  some  poor-quality 
voice  on  some  occasions.  And,  with  so 
many  cell-phone-user-to-cell-phone-user 
conversations,  who  can  say  which  service 
is  really  to  blame? 

So  true  or  false?:  The 
reason  broadband  VoIP 
services  providers 
spend  so  little  effort  on 
marketing  voice  quality 
is  because  they  are  all 
the  same. 

False.  Here  at  The  Tolly 
Group,  we’ve  spent 
some  months  setting  up 
and  benchmarking  the 
voice  quality  of  a 
dozen  or  so  such  VoIP  services  —  the  ser¬ 
vices  mentioned  above  plus  others  such 
as  8x8,  AOL,  Broadvoice,  CallEverywhere 
(Belkin) ,  Net2Phone,  SIPphone,  Skype  and 
Yahoo  (see  www.networkworld.com, 
DocFinder:  7033). 

If  there’s  one  thing  that  we’ve  deter¬ 
mined,  it’s  that  voice  quality  matters.  In 
our  research,  we  used  the  sophisticated 
Voice  Quality  Tester  (VQT)  from  Agilent 
to  measure  voice  quality  using  the  PESQ 
scale.  Within  each  service  —  tested 


using  various  samples  multiple  times  at 
various  times  of  the  day  —  the  results 
were  consistent. 

But  the  results  varied  dramatically 
across  the  services  tested. 

Fortunately,  most  of  the  services  tested 
delivered  voice  quality  that  rated  a  “good” 
or  better  using  PESQ.  A  few  achieved 
“excellent”  ratings  —  but  a  few  had  top 


scores  that  were  in  the  “poor”  range. 

Along  with  our  voice-quality  tests,  we 
captured  the  packets  constituting  the  VoIP 
conversation  and  analyzed  both  the  band¬ 
width  consumption  and  the  conversation 
architecture.  As  much  as  anything  else, 
these  appear  to  be  the  keys  to  quality. 

Voice  quality  was  directly  correlated 
with  bandwidth  consumption.Translation: 
If  you  are  willing  to  devote  more  band¬ 
width  to  your  conversation,  you’ll  get  bet¬ 
ter  quality.  Vonage  is  one  of  the  few  com¬ 


panies  we  saw  that  explicitly  acknowl¬ 
edges  this  trade-off  and  lets  its  users 
decide  (although  not  on  a  call-by-call 
basis).  Users  can  log  on  to  their  account 
and  ratchet  the  quality/bandwidth  up  or 
down  as  they  please.  Sure  enough,  our 
tests  show  that  when  you  squeeze  the 
conversation  over  a  narrower  pipe,  you 
pay  the  price  in  quality 

Equally  important  was  the  con¬ 
versation  path  between  stations. 
When  we  set  up  conversations 
between  two  stations  on  the  same 
LAN,  most  services  let  the  two  com¬ 
municate  directly  after  the  call  was 
set  up  —  resulting  in  virtually  non¬ 
existent  end-to-end  delay  (la¬ 
tency).  Others  required  all  packets 
to  leave  our  lab  and  get  relayed 
through  some  central  site  —  caus¬ 
ing  delay  to  be  significant  and 
degrading  voice  quality 

Most,  if  not  all,  of  these  broadband  VoIP 
providers  have  their  eyes  set  on  expand¬ 
ing  to  business  customers. 

Don’t  let  their  silence  on  issues  such  as 
voice  quality  and  architecture  silence 
your  concerns. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  test¬ 
ing  company  in  Boca  Raton,  Fla.  He  can  be 
reached  at  ktolly@tolly.com. 


So  true  or  false?:  The  reason  broadband 
VoIP  services  providers  spend  so  little  on 
marketing  voice  quality  is  because  they 
are  all  the  same. 


Zultys  launches  small-office 
SIP-based  IP  PBX 


Zultys'  MX30  IP  PBX  features  instant  messaging  and  presence  controls  for 
small  businesses. 


■  BY  PHIL  HOCHMUTH 

Zultys  Technologies  last  month 
released  a  small-office  version  of  its 
IP  PBX,  which  targets  offices  with 
fewer  than  30  users. 

The  MX30  could  be  used  as  a 
stand-alone  IP  PBX  in  offices  that 
need  business  phone  systems  with 
standard  PBX  features  and  voice 
mail  with  integrated  e-mail  sup¬ 
port.  The  devices  are  also  ideal  for 
hooking  up  offices  with  a  pure-VoIP 
phone  service  connection,  as 
opposed  to  connecting  a  PBX  or  IP 
PBX  to  a  traditional  public 
switched  telephone  network 
(PSTN)  T-l  link  for  outside  calls,  the 
vendor  says. 

The  MX30  joins  Zultys’  lineup  of  IP 
PBXs  that  are  based  on  Session 
Initiation  Protocol  (SIP)  and  use 
Linux  as  an  underlying  operating 
system  for  call  applications.  (Other 
models  include  the  250-user  MX250 
and  the  MX1200,  which  supports 
more  than  1,000  IP  phones.)  Like  its 
MX  cousins,  the  MX30  supports 
instant-messaging  and  presence 
features  through  a  softphone/uni¬ 


fied  messaging  client  that  works 
with  the  appliance.  Thirty  voice 
mail  boxes  are  supported  on  the 
device,  with  a  total  of  48  hours  of 
message  storage.  The  box  includes 
an  integrated  firewall  and  VPN 
capabilities.  The  device  works  with 
Zulty’s  line  of  SIP-based  IP  phones 
and  also  can  work  with  third-party 
SIP  phones  from  such  vendors  as 
Alcatel,  Cisco,  Pingte!  and  Siemens. 

The  MX30  competes  with  small- 
office  IP  voice  systems  such  as 
3Com’s  NBX.Altigen’s  AltiSeryAvaya 
IP  Office  and  Nortel’s  BCM  50. 

The  focus  of  the  MX30  is  on  de¬ 


ployments  at  sites  that  use  a  busi¬ 
ness  VoIP  service  provider.  The 
MX30  has  been  certified  to  work 
with  IP  telephony  services  from 
NexVortex,  a  provider  of  VoIP  ser¬ 
vice  for  small  businesses.  In  a 
Zultys/NexVortex  deployment,  an 
MX30  would  connect  directly  to  the 
NexVortex  VoIP  network,  where 
PSTN  calls  are  terminated.  This 
could  allow  for  low-cost  call  routing 
and  improved  features  over  com¬ 
peting  RBOC  small-business  phone 
service  rates,  the  vendors  say 
The  MX30  is  priced  starting  at 
$1,200.B 


Anti-virus  firm  joins 
spyware  battle 

■  BY  ELLEN  MESSMER 

Anti-virus  firm  Eset  last  week  announced  it  has  added  anti-spy¬ 
ware  filtering  to  its  NOD32  Version  2.5  software  for  helping  users 
protect  Windows  desktops  and  servers,  and  a  range  of  Lotus, 
Novell  and  Linux  servers. 

Eset  won’t  charge  more  than  its  current  $39  per  seat  for  adding 
the  anti-spyware  and  adware-filtering  capability,  according  to 
product  manager  Rick  Moy.  Most  other  anti-virus  firms  stepping 
into  the  anti-spyware  market,  including  McAfee,  Symantec  and 
Computer  Associates,  bumped  up  the  price  when  they  began 
offering  both  anti-virus  and  anti-spyware  capabilities. 

Scott  Brown,  information  security  analyst  at  Colby  Sawyer 
College  in  New  London,  N.H., said  he’s  been  beta-testing  NOD32 
Version  2.5  on  college  machines. “This  new  product  has  a  cou¬ 
ple  of  great  features  such  as  automatically  sending  the  infection 
to  Eset  to  be  analyzed,”  he  says. 

The  college  is  considering  requiring  its  students  to  use  the  anti¬ 
virus/anti-spyware  software  to  protect  both  the  students’  PCs  and 
the  campus  network. Virus  outbreaks  have  caused  the  most  prob¬ 
lems  on  the  campus  network  to  date,  but  spyware  is  viewed  as  a 
growing  threat  because  it’s  jamming  up  student  PCs. 

“We’ve  seen  student  machines  that  couldn’t  even  turn  on  or 
connect  to  the  network  because  of  spyware,”  Brown  says. 

While  students  are  responsible  for  maintaining  their  own 
machines,  the  reality  of  campus  life  is  that  when  they  have  diffi¬ 
culties  they  can’t  solve,  they  turn  to  the  campus  IT  department 
for  help,  says  Brown. 

Eset’s  NOD32  Version  2.5  also  includes  a  central  management 
console  to  distribute,  update  and  publish  reports.  Pricing  is  set  at 
$1,500  for  the  50-user  enterprise  edition.  ■ 
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It’  already  here. 

-  '  '•  .w-.\A:  v:fW  . 

ptaris  Document  Management,  powered  by  Alchemy, 

manages  electronic  documents  in  one  place— Office  docs,  emails,  PDFs,  faxes,  images,  COLD/ERM  and  CAD  files— whatever  you  need 

■ 

to  meet  today’s  rigorous  compliance  demands.  Plus  it’s  complete,  easy-to-deoloy  and  scalable,  all  while  helping  to  lower  your  risk  and  cost. 

Captaris  Document  Management,  and  our  other  Business  Information  Delivery  solutions,  can  immediately  improve  the  way  your  company 
stores  and  manages  information,  Uncover  more  at  captaris.com/DM. 


Captaris  Document  Management 

Rather  than  looking  all;  over,  you  could  have  information  available  at  your  fingertips. 


K0&  Captaris 

Document 

Management 
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Is  morning  I  set  up  a  firewall  in  London, 
t  a  server  attack  in  Tokyo  and 
ooted  a  maiJLserver  in  New  York. 


From  right  here. 


Manage  your  data  center  from  anywhere... 

In  today's  pressure  filled  “uptime”  environment  where  a  few 
minutes  can  cost  you  big  dollars,  customer  confidence  and 
worker  productivity,  you  can't  afford  to  have  IT  problems.  And, 
you  know  fewer  administrators  and  “lights  out”  control  of  your 
data  centers  gives  you  a  much-needed  security  buffer. 


Lantronix  gives  you  access  to  ALL  of  your  data  center  assets 
from  anywhere  over  the  Internet  via  a  browser,  and  total  out-of- 
band  access  if  the  network  is  down.  We  also  offer  the  only 
console  manager  available  with  a  NIST-certified  implementation 
of  Advanced  Encryption  Standards  (Rijndael)f  along  with  SSL 
and  SSH  assuring  you  the  highest  level  of  security  available. 


SecureLinx™ 

Lights  out  remote  data  center  management 


Secure  Console  Managers 

Remote  management  of  Linux,  Unix  and 
Windows®  2003  servers,  routers,  switches, 
telecom  and  building  access  equipment. 

-  Respond  faster  and  reduce  downtime 

-  Consolidate  resources  and  minimize  costs 

WStm 

mic/osysLexm 

Solaris” 

Ready 


Remote  KVM™  via  IP 

Manage  an  entire  room  full  of  Windows  and 
Linux  servers  from  a  single  desktop,  from 
anywhere  over  the  Internet. 

-  Eliminate  need  for  multiple  keyboards, 
monitors  and  mice 

-  No  client  software  required 


Remote  Power  Managers 

Control  the  power,  individually,  to  every  device 
in  the  data  center  via  a  web  browser. 

-  Reboot  system  remotely 

-  Ensure  safe  power  distribution  and  reduce 
in-rush  overload 
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tor . 
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LANTRONIX 


SecureLinx  SLC16 
Winner  of  the  Network 
Computing  Editor’s 
Choice  Award 


Network  anything.  Network  everything. 


'As  of  August  2004,  SecureLinx  SLC  is  the  only  console  manager  with  a  NIST-certified  implementation  of  Advanced  Encryption  Standards  as  specified  by  FIPS-197 
(Federal  Information  Processing  Standards).  ©  2005  Lantronix,  Lantronix  is  a  registered  trademark,  and  SecureLinx  and  Remote  KVM  are  trademarks  of  Lantronix,  Inc. 


www.lantronix.com  I  (800)  422-7055 
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Intel  playing  catch-up  to  AMD  efforts 


1 1  We’ve  gotten  far  too  focused  on  the 
OEM  relationships.  We  need  to  focus 
more  on  the  ecosystem  and  the  end 
users  themselves.  9  9 

Pat  Gelsinger 

Senior  vice  president  and  general  manager,  Intel's  Digital 
Enterprise  Group 


■  BY  TOM  KRAZIT 

SANTA  CLARA  —  Intel’s  top  server  exec¬ 
utive  recently  acknowledged  the  disparity 
between  his  company’s  server  processor 
road  maps  and  Advanced  Micro  Devices, 
but  said  Intel  plans  to  close  the  gap  soon 
with  a  revitalized  product  line. 

AMD  released  its  first  dual-core  server 
processors  two  weeks  ago,  but  Intel  is  not 
expected  to  follow  suit  until  the  first  quar¬ 
ter  of  2006  with  its  Dempsey  processor. 
Intel’s  single-core  Xeon  chips  will  be  well 
behind  the  performance  of  AMD’s  dual¬ 
core  Opteron  processors,  but  server  cus¬ 
tomers  weigh  many  factors  when  making 
a  purchase  decision,  says  Pat  Gelsinger, 
senior  vice  president  and  general  manag¬ 
er  of  Intel’s  Digital  Enterprise  Group. 

Users  will  find  dual-core  Opteron 
servers  intriguing  when  compared  with 
single-core  Xeon  servers,  Gelsinger  says. 
“There  will  clearly  be  some  tire-kickers, 
and  maybe  some  losses,” he  says,  referring 
to  Intel  customers  who  might  switch  to 
servers  based  on  AMD’s  chips. 

However,  enterprise  customers  are  gen¬ 
erally  conservative  when  it  comes  to  tech¬ 
nology  changes,  Gelsinger  says.  Users  inter¬ 
ested  in  servers  with  four  or  more  proces¬ 
sors  currently  have  the  option  of  Intel’s 
new  Truland  platform,  which  will  protect 
any  current  investments  by  letting  cus¬ 
tomers  plug  dual-core  Xeon  chips  into 


■  HP  and  EMC  last  week  said  they 


have  signed  a  five-year  patent  cross- 
licensing  deal  that  will  end  four  years 
of  litigation  between  them.  The  settle¬ 
ment  agreement  calls  for  HP  to  pay 
EMC  a  $325  million  “balancing”  pay¬ 
ment.  HP’s  payment  obligation  can  be 
satisfied  through  purchase  of  EMC 
software  for  internal  use  or  resale,  the 
companies  said.  The  settlement  stems 
from  EMC  suing  storage  management 
company  StorageApps  in  2000,  claim¬ 
ing  StorageApps'  technology  infringed 
EMC  patents  on  creating  mirror 
copies  of  system  files.  HP  became 
involved  in  the  dispute  when  it 
acquired  StorageApps  in  2001. 


their  current  Truland  servers  when  these 
chips  become  available  next  year,  he  says. 
Things  are  not  so  rosy  on  the  two-way 
server  front.  Intel  currently  does  not  offer 
a  chipset  for  two-processor  servers  that 
will  support  dual-core  chips  and  prevent 
customers  from  having  to  buy  another 
server  in  2006  to  take  advantage  of  dual¬ 
core  performance. 

The  six  months  or  so  between  Opteron’s 
dual-core  debut  and  Intel’s  Dempsey  are 
probably  short  enough  for  Intel  to  dis¬ 
suade  customers  from  fleeing,  says 
Nathan  Brookwood,  principal  analyst  with 
Insight  64.  With  the  disclosure  of  several 
dual-core  projects  at  March’s  Spring  Intel 
Developer  Forum,  the  company  reassured 
customers  wary  about  its  future  road 
map,  he  says. 

But  Intel  still  will  have  a  difficult  time 
competing  against  Opteron  because  of  the 
Xeon  product’s  reliance  on  a  front-side 
bus  to  coordinate  the  exchange  of  infor¬ 
mation  between  cores  in  dual-core 
processors,  Brookwood  says. 

Intel’s  chips  use  a  pathway  known  as  a 
front-side  bus  to  connect  the  CPU  with 
a  system’s  chipset,  where  it  can  access 
data  stored  in  memory  chips,  I/O  ports 
or  another  processor  core,  whereas 
Opteron’s  designers  connected  the  CPU 
directly  to  the  memory  chips,  I/O  and  a 
second  processor  core  with  the 
Hypertransport  interconnect  technology. 
This  design  improves  performance 
because  data  can  travel  directly  from  the 
CPU  to  memory  or  another  CPU  without 
having  to  pass  through  the  chipset, 
Brookwood  says. 

AMD’s  dual-core  Opterons  will  have  a 
demonstrable  performance  advantage 
over  single-core  Xeons,  simply  because 
two  processing  engines  can  accomplish 
more  than  one.  But  the  dual-core  Xeon 
still  will  be  at  a  disadvantage  to  a  dual¬ 
core  Opteron  on  certain  applications 
because  of  Intel’s  bus  design,  he  says. 
Intel’s  Truland  platform  uses  an  improved 
bus  design,  which  will  help  close  the  gap 
for  servers  with  four  processors  or  more, 
but  even  Truland  will  fall  a  little  short  of 
the  levels  achieved  by  the  dual-core 
Opteron  in  similar  servers,  he  says. 

Once  Dempsey  is  released  next  year, 
application  benchmarks  will  deliver  the 
final  verdict  for  customers  looking  for  the 
highest  levels  of  performance,  Brookwood 
says.  But  other  customers  who  have  been 
purchasing  Intel-based  servers  for  years 
will  probably  be  hesitant  to  switch, he  says. 


Last  year  Intel  was  plagued  with  project 
delays  and  cancellations,  as  well  as  manu¬ 
facturing  problems.  Gelsinger,  who  shares 
responsibility  with  Abhi  Talwalkar  for  the 
Digital  Enterprise  Group,  is  making  sure 
those  execution  problems  do  not  happen 
again,  he  says. 

Intel  also  plans  to  be  more  involved  with 


■  BY  DENI  CONNOR 

XOsoft  last  week  introduced  software 
based  on  the  premise  that  data  replication 
and  mirroring  software  isn’t  any  good  if  it 
isn’t  working. 

The  company  which  sells  replication  and 
mirroring  tools,  says  Assured  Recovery  is 
designed  to  simplify  the  process  of  making 
sure  such  tools  are  in  order. 

Only  40%  of  the  three  dozen  IT  profes¬ 
sionals  surveyed  recently  by  ThelnfoPro 
research  firm  said  they  are  “somewhat” 
confident  that  their  disaster-recovery  sys¬ 
tems  will  work  when  called  upon.The  sur¬ 
vey  also  found  that  testing  costs  from 
$30,000  to  more  than  $1  million,  perhaps 
explaining  why  only  half  of  those  asked 
said  they  test  their  disaster-recovery  sys¬ 
tems  yearly. 

Assured  Recovery  installs  on  a  host  com¬ 
puter  (such  as  one  running  Microsoft 
Exchange  or  an  Oracle  database),  sus¬ 
pends  the  replication  process  and  spools 
any  data  changes  to  a  file.  Software 
installed  on  a  remote  server  validates  its 
database.  The  master  server  is  restored  to 
the  pre-test  state  and  changes  continue  to 
spool.  These  changes  are  sent  to  the 


end  users  in  upcoming  months,  Gelsinger 
says.  “We’ve  gotten  far  too  focused  on  the 
OEM  relationships.  We  need  to  focus  more 
on  the  ecosystem  and  the  end  users 
themselves.” 

Krazit  is  a  correspondent  with  the  IDG 
News  Service. 


remote  server  and  replication  resumes. 

“An  untested  solution  is  no  solution,” 
says  Gil  Rapaport,  executive  vice  presi¬ 
dent  of  marketing  for  XOsoft.  “Over  time, 
server  migrations,  changes  to  the  network 
configuration  or  hardware  failures  may 
cause  replication  or  mirroring  operations 
to  fail.  A  gap  is  created  between  the  last 
time  the  company  tested  its  disaster- 
recovery  system  and  its  current  readiness 
to  do  recover}/’ 

Analysts  say  testing  replication  processes 
is  typically  cumbersome,  expensive  and 
causes  unnecessary  downtime. 

“The  real  difficulty  in  business-continu¬ 
ity/disaster-recovery  testing  is  that  until  you 
mirror  or  replicate  the  data,  recover  it  and 
restart  all  your  applications  on  the  sec¬ 
ondary  site,  you  have  no  idea  whether  the 
data  you  are  mirroring  or  replicating  is 
actually  consistent,  recoverable  and 
restartable,”  says  Stephanie  Balaouras, 
senior  analyst  with  The  Yankee  Group. 

The  initial  release  of  Assured  Recovery 
only  supports  XOsoft’s  WANSynch  and 
Enterprise  Rewinder  products,  although 
extensions  are  planned. The  software  costs 
from  $2,400  to  $9,600  per  server.  ■ 


XOsoft  product  verifies 
disaster-recovery  tools 


SAS,  the  leader  in  business  intelligence  software,  asks 


SERVICE  LEVEL  MANAGEMENT 


RESOURCE  MANAGEMENT 


CHARGE  MANAGEMENT 


VALUE  MANAGEMENT 


No  business  wants  to  believe  it’s  wasting  precious  IT  dollars.  So  if  executives  and  co-workers  grumble  about  IT  service, 
and  you’re  convinced  those  services  could  be  put  to  better  use,  let  SAS  help.  With  SAS®  IT  Management  solutions, 
you  can  measure,  manage,  understand  and  communicate  the  quality  of  every  IT  service  more  accurately.  You’ll 
know  precisely  how  your  business  is  using  IT  resources.  Ensure  maximum  performance  and  response  times.  Predict 
strategic  and  financial  trends.  And  clearly  visualize  the  value  of  IT  from  business,  revenue  and  profit  perspectives. 
Visit  our  Web  site  to  learn  more  and  read  our  free  white  paper.  Align  IT  with  Business  and  Budget  Strategies. 
Or  call  us  toll  free  I  866  731  1364. 

www.sas.com/spent 


Author  Nicholas  Carr  and  top  business  influencers  join  in  a  lively  discussion  about  his  controversial  book,  Does  IT  Matter? 
Check  out  our  Web  site  for  more  on  this  informative,  on-demand  Web  seminar. 


The  Power  to  Know \ 
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Start-up  aims  for  always-on  Exchange 


■  BY  JOHN  FONTANA 


Back-up  and  recovery  start-up  Teneros  is 
developing  an  appliance  designed  to  help 
users  ensure  that  their  Microsoft  Exchange 
environments  are  always  available. 

The  Teneros  Applications  Continuity 
Appliance  (ACA)  for  Microsoft  Exchange 


■  Fair  Isaac,  the  Minneapolis  firm 
that  offers  the  Falcon  line  of  high-end 
analytic  software  that  compiles  many 
credit  scores  and  risk  evaluations  in 
the  U.S.,  last  week  announced  Unix- 
and  mainframe-based  software  that 
unites  the  features  in  all  15  Falcon 
lines  into  one  enterprise  software 
package.  Called  Falcon  One,  the  soft¬ 
ware,  which  Fair  Isaac  will  also  be 
offer  as  a  hosted  service,  is  intended 
to  make  it  easier  for  financial  institu¬ 
tions  to  deploy  Fair  Isaac  products. 

■  Security  management  vendor 
elQnetworks  last  week  announced 
an  upgraded  version  of  its  security 
management  software  that  includes 
more  tools  to  help  customers  deal 
with  regulatory  audits.  Network 
Security  Analyzer  4.2  includes  log 
collection  mechanisms,  monitoring 
and  reporting  features,  and  analysis 
tools  that  could  help  pinpoint  the 
source  of  a  compliance  issue.  NSA  4.2 
also  includes  pre-formatted  reports 
for  regulatory  standards  such  as  the 
Health  Insurance  Portability  and 
Accountability  Act,  Sarbanes-Oxley, 
Gramm-Leach-Bliley  Act  and  Federal 
Information  Security  Management 
Act.  The  software,  which  runs  on 
Windows  servers,  uses  syslog  collec¬ 
tion  techniques  and  APIs  to  build  links 
into  systems  and  gather  data  across 
security  and  network  devices.  The 
product  also  includes  compliance 
reports  custom-designed  to  meet  mul¬ 
tiple  regulatory  auditor  requirements. 
Log  data  can  be  stored  in  any  type  of 
storage  device,  the  company  says. 
NSA  4.2  is  priced  from  $900  per 
device. 


provides  a  real-time  backup  for  the  Ex¬ 
change  mail  store  and  the  capability  to 
transfer  e-mail  operations  to  the  appliance 
if  the  Exchange  server  goes  down  or  is  in 
need  of  service. The  appliance  is  in  beta. 

Customers  can  provide  end  users  with 
uninterrupted  access  to  their  mail  stores. 
The  appliance  works  without  users  having 
to  install  any  agents  on  the  Exchange  serv¬ 
er  or  reconfigure  their  networks,  according 
to  company  officials.  Teneros  remotely 
monitors  and  updates  the  appliance. 

It  works  using  technology  Teneros  devel¬ 
oped  called  Instant-On,  which  lets  ACA 
instantly  take  over  e-mail  duties  from  an 
Exchange  server  when  problems  are  de¬ 
tected  or  a  server  fails. While  the  Exchange 
server  is  healthyACA  continually  replicates 
the  contents  of  its  mail  store. 

“Teneros  replicates  the  Exchange  infor¬ 
mation  store.  That  is  the  unique  factor,  and 
it  really  works,” says  Keith  Costas,  director  of 
engineering  at  InfoF’artners,  a  systems  inte¬ 
grator  in  San  Mateo,  Calif.11  We  have  tried  for 
years  and  years  and  years  all  types  of  solu¬ 
tions  for  Exchange  backup  and  recovery 

He  says  products  from  Legato  Systems, 
Microsoft  and  NetApps  all  had  major  draw¬ 
backs.  In  addition,  Costas  says  Teneros  lets 
him  schedule  general  Exchange  mainte¬ 
nance  anytime,  instead  of  just  off-peak 
hours  when  the  entire  system  had  to  be 
down.  And  he  says  rebuilding  a  failed  serv¬ 
er  takes  about  90  minutes  compared  with 
10  to  12  hours,  because  Teneros  holds  a 
copy  of  the  entire  mail  store. 

In  the  event  of  an  Exchange  failure,  the 
appliance,  which  sits  in  front  of  Exchange 
on  the  network,  assumes  Exchange’s  IP 


Targeting  downtime 

Start-up  Teneros  is  developing  an  appliance  to  help  keep  Exchange 
environments  up  and  running.  The  company  will  face  competition  from 
a  number  of  vendors,  although  none  that  offer  an  appliance. 


Vendor 

Product 

Description 

Neverfail 

l  ; 

Neverfail  for  Exchange 

i§  fpi  m 

Neverfail  Heartbeat  replicates  data  . 
between  Exchange  and,  back-up  server. 

NSI  Software 

NSI  Solutions  for 
Exchange 

Company’s  Double-Take  technology 
replicates  changes  to  Exchange  data 
continuously. 

XOsoft 

■Ml 

Enterprise  Rewinder 
Exchange 

' 

Automatic  failover;  Rewinder  returns  data 
to  pre-corrupted  state. 

address  to  ensure  that  incoming  mail  is  not 
dropped  and  users  can  get  to  their  in¬ 
boxes.  ACA  takes  the  mail  it  receives  when 
Exchange  is  down  and  replicates  it  back  to 
the  server  when  it  is  brought  back  online. 

“ACA  sits  at  the  Ethernet  layer.  We  are  a 
pass-through;  we  don’t  intercept  e-mail,” 
says  Manish  Kalia,  director  of  product 
management  for  Teneros.  “When  Ex¬ 
change  goes  down,  within  a  second  we 
want  to  flip  users  over  to  ACA.  What  we 
have  is  unique  technology  to  do  that 
switch.” 

Also  unique  to  ACA  is  Teneros’  Trans¬ 
action  Integrity  Validation  real-time  data 
verification  technology,  which  ensures 
corrupt  data  in  Exchange  is  not  replicated 
to  ACA. 

To  harden  itself  from  failure,  ACA 
has  multiple  independent  CPUs, 
hot-swappable  power  supplies  and 
hard  disks,  and  hardware  RAID  with 


redundant  controllers. 

ACA  also  includes  built-in  Sophos  anti¬ 
virus  and  anti-intrusion  technology  to  pro¬ 
tect  against  worms,  viruses,  network-level 
attacks,  identity  spoofing  and  Trojans. 

One  ACA,  which  is  priced  starting  at 
$10,000,  is  needed  for  each  Exchange 
server,  which  can  have  up  to  100G  bytes  of 
mail  or  250  users.  Teneros  also  can  devel¬ 
op  custom  models  for  users  with  larger 
Exchange  servers. 

ACA,  which  competes  with  similar  prod¬ 
ucts  from  XOsoft,  NSI  Software  and  Never- 
fail,  supports  client  access  from  Outlook 
2003,2002,2000  and  XRand  Outlook  Web 
Access,  Microsoft’s  browser-based  client. 
On  the  server  side,  the  appliance  supports 
Exchange  2003  and  Active  Directory  run¬ 
ning  on  Windows  Server  2003.  A  version  is 
planned  that  will  support  Exchange  2000. 

ACA  is  expected  to  be  available  in 
August.  ■ 


Symantec  targets  client  management 

Company  announces  products  to  manage,  secure  and  restore  desktop  devices. 


■  BY  DENISE  DUBIE 

Symantec  last  week  unveiled  a  suite  of 
client  management  applications  that  the 
company  says  will  converge  management 
features,  security  capabilities  and  storage 
tools  to  help  customers  more  easily  main¬ 
tain,  secure  and  restore  end-user  desktops 
and  other  client  devices. 

The  company  says  it  has  brought 
together  capabilities  from  its  Norton  anti¬ 
virus  and  Ghost  back-up  and  recovery 
tools  with  systems  management  technol¬ 
ogy  acquired  in  February  2004  from  On 


Technology  to  deliver  its  LiveState  Client 
Management  Suite.  The  suite  includes 
seven  software  applications.  Some  are 
stand-alone,  others  are  add-ons  that  snap 
into  other  products.They  address  desktop 
management  tasks  such  as  asset  discov¬ 
ery,  software  delivery,  configuration  man¬ 
agement,  patch  management,  vulnerabil¬ 
ity  assessment,  imaging,  migration,  remote 
control,  and  backup  and  recovery. 

Symantec  strings  together  the  tools  by 
incorporating  a  common  database  and 
agent  within  the  applications.  The  suite 
uses  server  and  distributed  agent  software 


to  manage  and  secure  end-user  clients. 
Because  different  IT  administrators  would 
use  the  products,  Symantec  says  it  main¬ 
tained  separate  consoles  for  the  applica¬ 
tions  but  incorporated  Web-based  inter¬ 
faces  “with  a  similar  look  and  feel.”  For 
example,  a  security  staffer  in  charge  of 
anti-virus  scans  would  access  one  con¬ 
sole  and  a  network  administrator  respon¬ 
sible  for  distributing  software  to  desktops 
would  use  another. 

The  company  says  integrated  tools  that 
address  the  security  storage  and  manage 

See  Symantec,  page  26 
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Three  weeks  ago  I  wrote  about  the 
U.S.  government’s  efforts  to  keep  the 
pending  electronic  passport  from 
being  too  secure.!  still  don’t  know  for  sure 
why  the  government  tried  so  hard  to  do 
this,  but  it’s  beginning  to  look  like  we 
should  apply  the  old  adage  “Never  ascribe 
to  malice  what  can  be  adequately  ex¬ 
plained  by  stupidity’ 

Deputy  Assistant  Secretary  of  State  Frank 
Moss  spoke  on  a  panel  about  electronic 
passports  at  the  Conference  on  Com¬ 
puters,  Freedom  &  Privacy  (www.cfp2005. 
org)  in  mid-April.  Security  guru  Bruce 
Schneier  and  Barry  Steinhardt,  director  of 
the  ACLU’s  Freedom  and  Technology  Pro¬ 
gram,  joined  him  on  the  panel.You  have  to 


Maybe  it  is  mulish  stupidity  after  all 


give  Moss  credit  for  being  willing  to  come 
to  what  was  obviously  going  to  be  a  den 
of  doubters. 

Network  World  sister  publication  PC 
World  (www.networkworld.com,  Doc- 
Finder:  7022)  covered  the  event  and  pro¬ 
vided  audio  recordings  of  the  talks. 
Schneier  spoke  first  and  focused  on 
putting  the  issues  in  context  (DocFinder: 
7023). 

Next  came  Moss,  who  said  the  govern¬ 
ment  had  received  more  than  2,400  com¬ 
ments  on  the  electronic  passport  proposal 
(DocFinder:  7024).  He  did  not  say  but  it’s 
my  guess  that  most  of  the  comments  did 
not  much  like  the  proposal.  He  said  that  the 
passports,  which  are  scheduled  to  be  given 
to  US.  diplomats  in  August,  would  not  be 
implemented  unless  the  government  was 
sure  that  they  would  be  safe.  (The  govern¬ 
ment  is  doing  a  test  drive  of  its  own  tar¬ 
gets.)  He  said  that  the  government  was 
looking  at  a  number  of  options,  including 
building  a  Faraday  cage  into  the  passport 


to  block  scanning,  but  then  he  reiterated 
that  the  passports  could  only  be  read  by  a 
scanner  from  a  distance  of  10  cm.  He  went 
on  to  say:  “The  idea  that  you  can  walk 
down  a  hallway  in  a  hotel  and  pick  out  the 
Americans,  is  quite  honestly  poppycock. 
The  same  thing  goes  for  the  bar  in  Beirut. 
These  things  can  only  be  read  at  very  short 
distances.”  I  expect  Moss  is  right  about  the 
hotel  hallway  but  expect  he  is  incorrect 
about  the  Beirut  bar  —  something  that  he 
was  about  to  find  out. 

Third  up  on  the  panel  was  Steinhardt, 
who  proceeded  to  give  a  live  demonstra¬ 
tion  of  scanning  a  passport,  which  was  out¬ 
fitted  with  an  RFID  chip  of  the  type  speci¬ 
fied  in  the  standard,  at  a  distance  of  three 
feet.  Moss  finally  seemed  to  have  paid 
attention  when  this  was  demonstrated  in 
front  of  him  because  a  few  days  later,  he 
told  Wired  News  that  the  government  was 
suddenly  “taking  a  very  serious  look”  at  the 
scanning  issue.  He  didn’t  say  what  the 
result  of  the  serious  look  might  be,  but 


maybe  the  government  will  adopt  the 
Basic  Access  Control  (DocFinder:  7025) 
standard  developed  by  the  same  people 
who  developed  the  rest  of  the  standards  for 
electronic  passports.  See  the  paper  “Secu¬ 
rity  and  Privacy  Issues  in  E-passports”  by 
researchers  Ari  Juels,  David  Molnar  and 
David  Wagner  (DocFinder:  7026)  for  an 
analysis  of  this  and  other  security  issues 
about  e-passports. 

So  maybe  Moss  and  company  just  need¬ 
ed  to  be  shown  they  were  wrong  —  in  pub¬ 
lic  —  to  get  them  to  listen.  We  will  know 
soon  if  they  learned  any  lasting  lessons. 

Disclaimer:  Lasting  lessons  are  what 
places  like  Harvard  are  all  about  but  we 
prefer  to  not  use  public  embarrassment  to 
get  a  student’s  attention.  Anyway,  the 
above  is  my  hope,  unshared  (as  far  as  I 
know)  by  the  university 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 


Vendors  improve  remote  server 
management  products 


■  BY  DENISE  DUBIE 

Server  management  vendors  last  week 
at  Interop  introduced  products  designed 
to  give  systems  administrators  direct 
access  to  remote  machines  and  ease 
management  tasks. 

Avocent  and  Cyclades  separately  un¬ 
veiled  products  that  will  let  customers 
take  control  of  multiple  remote  systems 
from  a  centralized  location. The  products 
could  eliminate  the  need  for  administra¬ 
tors  to  visit  each  machine  for  routine 
maintenance  or  troubleshooting  tasks, 
and  reduce  management  traffic  on  net¬ 
works,  industry  watchers  say. 

“In  the  short  term,  products  like  this  pro¬ 
vide  access  to  infrastructure  when  there  is 
no  connectivity  over  the  network  to  a 
failed  device,  and  down  the  road  this  type 
of  technology  will  enable  infrastructure 
managers  to  more  securely  access 
machines  without  using  the  production 
network,”  says  Dennis  Drogseth,  a  vice 
president  with  Enterprise  Management 
Associates. 

Virtual  media 

Avocent  added  support  for  virtual  media 
to  its  DSView  3  management  software  and 
its  DS  Series  KVM  over  IP  switches. Virtual 
media  is  simulated  media  that  performs 
the  same  function  as  a  mass  storage 
device,  such  as  a  hard  drive,  CD  drive  or 
USB,  without  physically  being  connected, 
the  company  says.  The  DS  Series  virtual 
media  feature  will  let  administrators 
remotely  move  local  data  to  and  from 
servers  to  perform  a  variety  of  tasks  across 


Working  remotely 

More  than 

90% 

of  about  520  systems  adminis¬ 
trators  surveyed  say  the  most 
important  capability  of  remote 
administration  technologies  is 
access  to  the  remote  operat¬ 
ing  system  as  if  the  operator 
were  physically  present. 

SOURCE:  CYCLADES.  NOVEMBER  2004 


heterogeneous  platforms. 

The  software  runs  on  a  workstation  or 
laptop  and  accesses  remote  servers  using 
protocols  such  as  Intelligent  Platform 
Management  Interface  (IPMI).IPMI,  devel¬ 
oped  by  Dell,  HP  Intel  and  NEC,  defines 
interfaces  for  use  in  monitoring  the  physi¬ 
cal  health  of  servers  such  as  temperature, 
voltage,  fans,  power  supplies  and  chassis. 
The  goal  is  to  enable  easier  management 
of  large  numbers  of  servers  from  multiple 
vendors. 

Avocent  says  an  administrator  can  use 
the  DSR  appliances  through  a  USB  2.0 
interface  to  upload  fixes  or  patches  direct¬ 
ly  to  attached  servers,  or  use  the  DSView  3 
software-mapping  menu  to  manage 
remote  target  servers. 

“Avocent’s  move  to  using  IPMI  is  a  natur¬ 
al  evolution  of  its  KVM  background,”  says 
Kelly  Quinn, an  analyst  with  IDC.The  plat- 


form-agnostic  capabilities  will  offer  cus¬ 
tomers  more  options  than  what  they 
could  get  from  the  server  vendors.” 

Pricing  for  DSView  3  software  ranges 
from  about  $2,500  to  $4,500. 

Separately,  Cyclades  announced  its 
AlterPath  software  would  be  integrated 
with  HP  OpenView  to  help  customers 
access  details  of  their  server  infrastruc¬ 
tures  from  their  OpenView  consoles. 

The  AlterPath  Integrate  for  HP  Open- 
View  software  modules  run  on  top  of 
OpenView  and  enable  integration  be¬ 
tween  OpenView  and  AlterPath.  The 
OpenView  software  module  is  expected 
to  be  available  next  month. 

Pricing  starts  at  about  $10,000  for  a  1U 
server  installation  and  about  $15,000  for  a 
2U  server  installation. 

Cyclades  also  last  week  introduced  a 
new  branch-office  appliance,  the  Alter¬ 
Path  OnSite,  which  the  company  says  will 
let  network  managers  configure  and  man¬ 
age  remote  servers  and  routers  from  one 
location. 

Cyclades  will  pre-configure  the  appli¬ 
ance  and  customers  would  install  it  at  a 
remote  location  and  connect  it  to  serial 
ports  on  servers  and  routers. 

AlterPath  OnSite  is  expected  to  be  avail¬ 
able  next  month. Pricing  starts  at  about 
$3,200.  ■ 
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Symantec 

continued  from  page  25 

ment  needs  of  desktop  users  could  help 
lower  operations  costs  for  corporations. 
According  to  Gartner,  the  total  cost  of  own¬ 
ership  associated  with  procuring,  owning, 
supporting  and  disposing  of  a  desktop  can 
range  anywhere  from  $4,000  to  $1 1,000  per 
desktop,  per  year. 

Industry  watchers  say  Symantec  and 
competitors  such  as  Altiris,  Computer 
Associates,  IBM  Tivoli  and  LANDesk  have 
been  incrementally  merging  systems  and 
security  management  tools,  especially 
those  dealing  with  desktops,  which  in 
large  organizations  can  reduce  manual 
maintenance  tasks  and  duplication  of 
efforts. 

“The  suite  combines  all  these  different 
desktop  tasks  together  with  a  straightfor¬ 
ward  process  flow  that  can  cross  organi¬ 
zational  boundaries  —  for  example,  secu¬ 
rity  and  PC  administration,”  says  Jasmine 
Noel, a  principal  analyst  with  Ptak.Noel  & 
Associates.  “Enterprise  companies  are 
realizing  that  treating  PC  management  as 
individual  tasks  takes  a  lot  of  manual 
effort  that  has  to  be  duplicated  with 
every  new  project. With  clear  policies  and 
processes,  the  odds  of  automation  and 
optimization  are  much  better  so  it 
becomes  cheaper  to  manage  thousands 
of  PCs  at  a  time." 

LiveState  Client  Management  Suite  is 
expected  to  be  available  in  the  next  two 
weeks.  Pricing  for  the  suite  starts  at  about 
$150  per  seat  with  a  10-seat  license.  Stand¬ 
alone  software  applications  are  also  set  for 
availability  LiveState  Delivery  costs  about 
$80  per  seat  with  a  10-seat  license.  LiveState 
Patch  Manager  is  priced  at  about  $20  per 
seat  with  a  10-seat  license,  and  Discovery 
costs  about  $35  per  seat  with  a  10-seat 
license.  All  licenses  come  with  a  one-year 
service  contract.  ■ 


IAN  SKELTON 

Marketing  Operations  Manager 
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How  Does 
BMW  Deliver 
Application 
Performance 
on  the  WAN? 


BMW  deploys  FineGround.  By  installing  the 
FineGround  application  delivery  appliance 
in  their  data  center,  they  deliver  LAN-like 
performance  to  their  remote  operations, 
employees,  and  users  around  the  globe.  No 
remote  boxes.  No  infrastructure  upgrades. 
And  no  application  rewrites. 

If  your  organization  has  a  global  user  base, 
FineGround  has  the  solution  for  delivering 
yourbusiness-critical  applications.  Contactus 
today  for  a  free  proof  of  concept.  We'll  show 
you  how  your  web  business  can  perform. 


www.fineground.com/BMW 


1 .866.  WAN2LAN 


FineGround 

How  Web  Business  Performs 
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MANAGEMENT  SUITE  for  DELL  SERVERS 


NOW  YOU  HAVE  TIME 
FOR  A  CHANGE. 
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Speedy  server  deployment.  Just  one  console. 

Now,  Dell™  PowerEdge™  administrators  only  need  one  console  to 
deploy,  manage,  monitor,  patch  and  update  software  and  hardware 
for  Microsoft®  Windows®  and  Red  Hat®  Linux®  environments.  With 
all  those  features  fully  integrated,  Dell  OpenManage  with  Altiris 
Management  Suite  for  Dell  Servers  helps  get  systems  up 
and  running  fast,  saving  IT  time  and  resources. 

Take  some  time  to  see  for  yourself. 

Visit  deli.com/altiris4todayfor  a  demonstration  and  whitepaper. 


DEPLOYMENT  80%  COMPLETE 


GET  MORE  OUT  OF  CHANGE. 
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I  EXTRANETS  ■  INTEREXCHANGES  AND  LOCAL  CARRIERS 
REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE  DEVELOPMENTS 


Politics,  policy  and  pragmatism 


EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


Every  now  and  then,  readers  comment 
on  a  column  they  think  is  “too  politi¬ 
cal,”  or  that  they  believe  stems  from  a 
particular  political  bias  on  my  part.  In  these 
polarized  times,  that  belief  is  understand¬ 
able.  But  it’s  generally  a  mistake. 

For  one  thing,  folks  who  think  they  can 
easily  categorize  my  politics  might  be  in  for 
a  surprise. As  I’ve  told  a  few  readers  directly 
I’m  a  churchgoing,  gun-owning,  free-market- 
supporting,  civil  libertarian.  I’ve  voted  both 
Democratic  and  Republican  (and  have 
voted  a  split  ticket  in  most  recent  elec¬ 
tions).  Regular  readers  know  that  I  grew  up 
in  a  military  family  and  have  a  deep  respect 
for  the  U.S.  armed  forces  (although  I  know 
the  military  is  often  called  on  to  support 


■  New  Edge  Networks  last  week  an 
nounced  that  it  upgraded  its  North 
American  broadband  network,  which 
supports  DSL,  ATM,  frame  relay  and 
IP  services,  with  Multi-protocol  Label 
Switching  gear  from  Alcatel.  The  pri¬ 
vately  held  carrier  would  not  say  how 
much  it  has  invested  in  its  Big  Foot 
project. 

■  A  new  IDC  report  says  U.S.  carri¬ 
ers  are  bringing  in  a  nice  chunk  of 
change  from  wireless  data  ser¬ 
vices.  The  consulting  firm  says  con¬ 
sumers  and  business  users  spent  $1.6 
billion  on  wireless  data  services  in  the 
fourth  quarter  of  2004.  That  repre¬ 
sents  a  20%  growth  rate  over  the 
third  quarter.  Of  the  $1.6  billion,  $810 
million  stemmed  from  messaging  ser¬ 
vices.  Cingular  Wireless,  the  largest 
wireless  service  provider  in  the  U.S., 
brought  in  the  most  in  wireless  data 
service  revenue  followed  closely  by 
Verizon  Wireless. 


controversial  policies). 

I  read  both  The  New  Republic  and  the 
National  Review  (plus  The  Wall  Street 
Journal  and  my  hometown  paper).  I’ve 
been  both  a  union  member  and  a  serial 
entrepreneur  who’s  helped  create  hun¬ 
dreds  of  jobs.  Over  the  years,  I’ve  both  sup¬ 
ported  and  opposed  various  flavors  of  gov¬ 
ernment  intervention  and  investment. 

In  short,  you  and  I  can  probably  find 
many  significant  issues  to  agree  on  (or  if 
you’d  prefer,  to  disagree  over). 

But  more  importantly  if  I  have  an  over¬ 
arching  bias,  it’s  toward  pragmatism.  I’m  an 
engineer  by  training  and  temperament.  I 
favor  things  that  can  demonstrably  be 
shown  to  work  (as  opposed  to  things  that 
merely  fulfill  someone’s  ideological  frame¬ 
work). 

That’s  the  real  reason  it’s  a  good  idea  to 
avoid  political  pigeonholing:  Sometimes 
people  on  the  other  side  of  the  political 
divide  have  ideas  that  actually  work. 

Take  telecom  policy  My  friend  and  col¬ 
league  K.  Claffy  recently  asked  me  to  pro¬ 
vide  examples  of  cases  in  which  govern¬ 
ment  regulation  inhibited  innovation  and 
competition,  and  cases  in  which  the  free 
market  inhibited  innovation  and  competi¬ 
tion.  I  listed  several  in  both  categories  — 
and  cases  in  which  telecom  and  commu¬ 
nications  regulations  actually  encouraged 
innovation  and  competition.  (Details  in 
upcoming  columns.) 

In  short,  there’s  no  one-size-fits-all  philos¬ 
ophy  or  ideology  that  leads  to  the  creation 
of  perfect  telecom  policy  For  pragmatists 
like  me,  neither  government  intervention 
nor  an  unfettered  free  market  is  ipso  facto 
the  right  (or  wrong)  answer.  Each  can 
work:  Government  funding  created  one  of 
the  greatest  communication  innovations  in 
modern  history  (the  Internet)  —  and  the 
free  market  transformed  it  from  a  feat  of 
engineering  into  an  economic  force. 

Now  we’re  at  a  critical  inflection  point  in 
telecom  policy  Deregulation  of  the  old  Bell 
system,  the  maturation  of  the  Internet  and 
the  rise  of  new  technologies  and  models 
such  as  VoIP  satellite  services  and  Wi-Fi 
municipal  networks  means  it’s  a  whole 
new  world  out  there.  If  you  agree  that  the 
best  policies  are  those  that  are  actually 
effective  at  accomplishing  their  goals,  then 
it’s  time  for  a  pragmatic  look  at  what  does 
and  doesn’t  work.  Stay  tuned! 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Verizon:  Out  with  Wi-Fi, 
in  with  EV-DO  networks 


■  BY  JIM  DUFFY 

Word  from  Verizon  that  it  plans  to  decom¬ 
mission  the  hundreds  of  free  Wi-Fi  hot 
spots  it  turned  up  in  New  York  City  two 
years  ago  has  some  observers  suggesting 
that  demand  for  such  public  wireless  ser¬ 
vices  is  limited. 

“This  may  be  the  beginning  of  the  end,” 
says  Bob  Egan,  president  of  consulting  firm 
Mobile  Competency“It’s  very  much  a  niche 
application ....  In  terms  of  hot  spots  as  a  pri¬ 
mary  source  of  revenue,  nobody’s  making 
money  and  they’re  not  going  to.” 

Wi-Fi  service  doomsayers  acknowledge 
that  hot  spots  will  have  their  place  at  cer¬ 
tain  retail  establishments,  airports  and 
other  venues.  After  all,  the  number  of  hot 
spots  is  expected  to  grow  over  the  next  few 
years  (see  graphic).  But  they  say  public  Wi¬ 
Fi,  which  operates  in  unlicensed  radio  fre- 
See  Verizon,  page  30 


Hot  or  not? 

The  number  of  hot  spots  in  the 
U.S.  is  set  for  strong  growth 
although  Wi-Fi  services  usage  is 
expected  to  pale  in  comparison 
to  that  of  Frame,  IP  and  other 
services. 


Hot  spots 
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AT&T  rolls  out  hosted  IP 
PBX  service  at  Interop 


■  BY  DENISE  PAPPALARDO 

AT&T  last  week  announced  a  suite  of  IP 
services  that  will  include  voice,  conferenc¬ 
ing,  messaging  and  video. 

The  first  of  its  Dynamic  Network  Appli¬ 
cations  is  AT&T  Voice  DNA,  a  network- 
based,  hosted  IP  PBX  service  similar  to  tra¬ 
ditional  Centrex  offerings  that  the  local 
exchange  carriers  have  offered  for  years. 

AT&T,  which  introduced  the  offerings 
at  Interop  in  Las  Vegas,  hinted  about  its 
plans  last  month.  Voice  DNA  will  let 
users  upgrade  to  an  IP  PBX  environ¬ 
ment  without  having  to  deploy  or  man¬ 
age  voice  switches  on-site.  The  service 
offers  an  automated  attendant,  locate- 
me  feature,  the  ability  to  have  multiple 
phones  ring  for  one  user,  on-demand 
audioconferencing  and  integration  with 
Microsoft  Outlook. 

One  of  the  key  options  is  an  Any  Dis¬ 
tance  calling  plan,  which  provides  users 
with  VoIP  end-to-end.  This  is  the  first 
time  AT&T  is  offering  business  users 
local  VoIP  support,  says  Joe  Aibinder, 


director  of  VoIP  services. 

AT&T  is  using  gateways  it  already  had 
deployed  through  100  markets  across  the 
U.S.  to  support  its  consumer  VoIP  service, 
AT&T  CallVantage,  to  also  support  local 
VoIP  traffic  for  business  users. 

Using  VoIP  end-to-end  can  save  some 
customers  up  to  20%  compared  with  leg¬ 
acy  local  and  long-distance  voice  services, 
Aibinder  says. 

The  Any  Distance  calling  plan  includes 
unlimited,  on-net,  local  and  long-distance 
calling.This  plan  is  only  for  users  within  the 
100  markets  where  the  carrier  has  local 
facilities. 

Regional  businesses  also  can  select 
AT&T’s  local  calling  plan  option  or  its  long- 
distance-only  plan,  which  includes  unlimit¬ 
ed  on-net,  and  competitive  long-distance 
and  international  rates. 

The  Voice  DNA  service  supports  IP 
phones  from  Cisco,  Fblycom  and  others,  as 
well  as  softphones  from  a  handful  of  ven¬ 
dors,  the  carrier  says. 

Voice  DNA  starts  at  $10  to  $20  per  month, 
per  line.  M 
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Unplug  and  play:  Uniting  mobile  devices,  PBXs 


■  BY  DENISE  PAPPALARDO 

As  a  mobile  device  user, do  you  have  desktop  phone 
envy? 

Sure,  going  mobile  spells  freedom,  but  it  also  often 
means  giving  up  traditional  PBX-based  phone  system  fea¬ 
tures  such  as  abbreviated  dialing,  call  transferring  and 
multiparty  teleconferencing. 

Ford,  for  example,  is  ditching  8,000  landline,  desktop 
phones  in  favor  of  wireless  devices,  but  has  no  plan  yet  to 
integrate  those  devices  with  the  company’s  PBX  or  new 
IP  PBX  (see  www.networkworld.com,  DocFinder:  7031). 

PBX  makers  are  working  to  address  such  situations  by 
extending  their  products  to  embrace  wireless  devices,  but 
don’t  look  for  much  in  the  way  of  new  offerings  until  later 
this  year.  Meanwhile,  a  group  of  lesser-known  companies 

I  fe  Today,  users  need  specialized 
applications  that  work  through 
their  PBX  and  some  are 
expensive.  9  9 

Philip  Redman 

Research  vice  president,  Gartner 

is  bridging  the  gap  between  mobile  users  and  back-end 
phone  systems  with  new  products  and  services. 

“Todayusers  need  specialized  applications  that  work 
through  their  PBX,  and  some  are  expensive,”  says  Philip 
Redman,  a  research  vice  president  at  Gartner. 

Early  players 

Early  players  in  the  mobile-PBX  integration  market 
include  Ascendent  Systems  and  Orative,  whose  offerings 
work  across  different  vendors’  PBXs  and  mobile  devices. 

“There  are  50  to  100  billion  installed  PBXs  in  the  world,” 
says  Ascendent  Vice  President  of  Marketing  Walt 
Blomquist. 

Ascendent’s  FowerConnect  server-based  software  sits 
behind  the  firewall  and  in  front  of  the  PBX,  delivering  tra¬ 
ditional  PBX  features  such  as  four-digit  dialing,  transfer¬ 
ring  calls,  putting  calls  on  hold  and  direct  access  to  cor¬ 
porate  voice  mail  to  users’  wireless  devices.  No  client  soft¬ 
ware  is  required. 

PbwerConnect  also  acts  as  a  back-up  system.  If  a  com¬ 
pany  loses  its  phone  lines  because  of  a  fiber  cut,  for 
example,  the  Ascendent  system  can  forward  calls  to 
users’  wireless  phones  or  landline  phones  outside  of  the 
office.To  exploit  this,  companies  need  to  work  with  their 
local  service  provider  to  set  up  a  separate  fiber  line  to 
reroute  calls  to  an  Ascendent  server. 

This  back-up  feature  sold  Claymore  Securities  on 
Ascendent.The  Lisle,  Ill.,  financial  services  company 
deployed  PowerConnect  as  part  of  its  business-continuity 
plan, says  Gregory  Miller,  manager  of  IT. 

Claymore’s  management  team  initially  balked  at  mak¬ 
ing  PbwerConnect  part  of  the  company’s  disaster-recovery 
plan.  But  Miller  says  the  day  after  he  pitched  manage¬ 


ment  on  the  system,  a  fiber  cut  outside  the  building  con¬ 
vinced  management  to  reconsider. 

“I  got  someone  from  our  leadership  team  to  look  out 
the  window.  I  told  him  we  were  four  inches  from  losing 
our  telecom  service  today’  Miller  says. 

Users  can  buy  PowerConnect  based  on  a  three-year  or 
perpetual  license.  Ascendent  charges  $5  per  month,  per 
user  for  1,000  users  for  a  three-year  license.  A  perpetual- 
term  license  costs  about  $250,000  for  1,000  users. 

Another  offering  comes  from  Orative,  a  three-year-old 
company  that  launched  its  Enterprise  Server  in  March. 
Server  software  communicates  with  a  company’s  tradi¬ 
tional  or  IP  PBX  switches,  while  client  software  installs  on 
wireless  devices  running  common  mobile  operating  sys¬ 
tems. 

Features  include  a  phone  book  that  lets  end  users 
select  group  directories  from  larger  corporate  directories 
and  download  them  onto  their  wireless  phones. 

The  software  also  offers  security  in  that  if  end  users  lose 
their  phone,  sensitive  corporate  data  on  the  device  can 
be  deleted  remotely 

Cisco  has  been  testing  Orative  Enterprise  Server  inter¬ 
nally  but  it  is  not  a  paying  customer.  One  IT  manager  at 
the  company,  who  asked  not  to  be  named,  says  Orative’s 
directory  feature  “allows  users  to  feel  like  they  are  part  of 
a  worldwide  team  regardless  of  where  they  are.” 

The  phone  book  also  has  a  presence-aware  feature  that 
lets  users  see  if  employees  they  are  looking  to  call  are 
available. 

A  notification  feature  lets  end  users  send  reminders  or 
meeting  requests  to  individuals  or  user  groups  through 
the  Orative  portal,  which  is  part  of  the  server.  By  integrat¬ 
ing  an  Orative  server  with  current  Exchange  or  Domino 
servers,  end  users  also  can  have  reminders  from  their  per¬ 
sonal  calendar  sent  directly  to  their  wireless  device. 

Cisco  especially  likes  Orative’s  security  features.“If  an 
employee  loses  a  phone  or  it’s  stolen,  with  a  push  of  a 
button  all  of  the  information  on  that  phone  can  be 
destroyed.That’s  very  valuable  for  a  company  like  ours 
that  supports  about  80,000  phones  a  year’’  the  IT  manager 
says. 

Orative’s  software  starts  at  $5,000  for  a  server,  plus  $2,500 
for  a  Client  Access  License  Starter  Pack  that  supports  25 
users. 

On  the  horizon 

Customers  seeking  wireless-to-PBX  integration  might 
soon  also  be  able  to  go  the  services  route. 

BroadSoft  recently  rolled  out  an  application  that  the 
company  says  will  let  wireless  service  providers  make 
available  Centrex-like  offerings  to  business  customers. 
Services  could  include  features  such  as  auto  attendant, 
call  center  functionality  abbreviated  dialing  and  instant 
messaging.  BroadSoft  says  it  is  in  talks  with  service 
providers  in  the  U.S.,  Europe  and  Asia,  but  isn’t  naming 
names. 

Companies  looking  for  a  product  from  their  current  IP 
PBX  vendors  will  likely  have  to  wait  until  at  least  the  third 
quarter,  when  Avaya  plans  to  deliver  (DocFinder:  7032). 

Avaya  announced  in  March  that  it  is  developing 
Communications  Manager  software  that  will  be  part  of  its 
MultiVantage  Communications  Applications  suite  that  will 


let  users  port  PBX  features  to  specific  wireless  devices. 
InitiallyAvaya’s  system  only  will  work  with  Nokia  Series 
60-based  wireless  devices  running  SymbianOS.  Gartner’s 
Redman  says  Avaya  also  is  working  with  Motorola  and 
plans  to  expand  the  list  of  wireless  devices  its  system  will 
work  with. 

The  drawback  to  Avaya’s  planned  offerings  is  that  they 
only  will  work  with  its  own  products. 

Gartner’s  Redman  says  he  expects  Cisco,  Nortel  and 
Siemens  to  offer  similar  features  by  mid-2006.  ■ 


Verizon 

continued  from  page  29 

quency  spectrum,  does  not  appear  poised  to  become  a 
strategic-business,  remote-access  service. 

“Hot  spots  are  more  of  a  social  gathering  application 
with  low  security’ says  Larry  Swasey  a  senior  analyst  at 
Visant  Strategies.  EV-DO  “brings  in  more  users,  and  it’s  a 
more  secure  environment.” 

Cellular  data  services  such  as  2M  bit/sec  EV-DO  and  the 
14.4M  bit/sec  High-Speed  Downlink  Packet  Access, 
although  slower  than  Wi-Fi,  have  far  wider  coverage, 
enable  roaming  and  operate  in  licensed  spectrum  less 
susceptible  to  interference. 

EV-DO  is  where  Verizon  is  placing  its  bets.  The  carrier, 
which  had  initially  planned  to  turn  up  1,000  Wi-Fi  hot 
spots  in  New  York  by  the  end  of  2003  for  its  DSL  cus¬ 
tomers  (see  www.networkworld.com,  DocFinder:  7034), 
is  now  steering  mobile  business  customers  to  its  cellu¬ 
lar  EV-DO  BroadbandAccess  service,  which  costs  $80 
per  month. 

“Wi-Fi  was  a  stopgap  for  them  before  they  could  get 
[EV-DO]  out,”  Egan  says. 

The  business  model  for  Wi-Fi  services  —  offering 
speeds  up  to  54M  bit/sec  within  a  300-foot  radius  of  an 
access  point  —  has  been  elusive  for  carriers.  Potential 
users  have  been  turned  off  by  the  pricing  structure  for 
access  as  well  as  spotty  coverage  and  limited  roaming 
(DocFinder:  7035). 

Not  that  this  is  stopping  Sprint,  which  recently  said  it 
has  added  5,000  hot  spots  to  bring  its  total  to  19,000, 
and  has  another  6,000  planned  by  year-end 
(DocFinder:  7036). 

For  Verizon,  hot  spot  service  didn’t  generate  demand  — 
less  than  half  of  the  380  hot  spots  it  is  decommissioning 
generated  more  than  80%  of  the  traffic. 

“Usage  didn’t  live  up  to  our  expectations,”  a  Verizon 
spokesman  said.“Customers  didn’t  take  advantage  of  it.” 

Also  on  the  horizon  is  WiMAX,  which  can  transfer 
around  70M  bit/sec  over  a  distance  of  30  miles  to  thou¬ 
sands  of  users  from  one  base  station.  Carriers,  including 
Verizon,  are  in  various  stages  of  trial  with  WiMAX  gear, 
and  services  are  expected  to  debut  within  the  next  two 
years. 

“When  you  come  along  into  an  area  like  WiMAX,  it  may 
be  that  the  balance  is  restored  because  you’re  going  to 
have  licensed  spectrum,  you’re  going  to  have  a  greater 
range,  and  carriers  will  have  more  control  over  behavior 
and  revenue  potential,”  says  Thomas  Nolle,  president  of 
consultancy  CIMI.B 
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Exercise  Choice™ 


Unveiling  a 
new  concept  in 
secure,  converged, 
enterprise  solutions. 


An  exciting,  major  new  component  in  the 
3Com®  Enterprise  networking  range  will  be 
announced  soon. 

A  fresh  angle,  a  new  dynamic  —  3Com  delivers  the 
complete  portfolio  for  secure,  converged  networks. 
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IP  Telephony  Switching  Wireless  Routing  Security 


To  register  for  your  own  private 
viewing,  log  on  to: 

www.3comsecureconvergence.com 
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Color  imageRUNNER  C3220 


Nothing  helps  you  improve  your  perspective 


on  the  day  quite  like  the  ability  to  do  things 
a  little  better,  a  little  faster,  and  a  little  more 


beautifully.  That’s  why  Canon  has  added  a 


color  booklets,  brochures  and  manuals.  You  can 


even  scan  and  e-mail  color  documents.  All  in  house, 


and  all  from  the  comfort  of  your  desktop.  And  with 


the  Color  imageRUNNER  C3220,  productivity 


increases  while  color  stays  fast  and  affordable. 


How’s  that  for  working  the  way  you  need  to? 
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new  addition  to  our  imageRUNNER®  line.  With 
the  new  Color  imageRUNNER  C3220  and 
imageWARE™  Publishing  Manager  Software,  you 
can  create,  publish  and  print  professional-quality 
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Spam  and  virus  protection  at  an  affordable  price. 

•  No  per  user  license  fees  j  l  i 

•  Prices  starting  at  $1399  -  -  p|| 

•  Powerful,  enterprise-class  solution 

\ 

Barracuda  Spam  Firewall 


’'Copyright  2005,  Barracuda  Networks,  Inc.  All  rights  reserved.  Reclaim  Your  Emait.and  Barracuda  Spam  Firewall  are  either 
traoamarks  or  registered  trademarks  of  Barracuda  Networks.  Inc.  and/or  it  subsidiares  in  the  United  States  and/or  other  countries. 


Aggressive  Reseller  Program 

POWERFUL  EASY  TO  USE  AFFORDABLE  Get  more  info  by  visiting  www.foarracudanetworks.com/NECC 

or  by  calling  1 -888-ANTI-SPAM  or  408-342-5400 


IPMI  V2.0  simplifies  server  mgmt 


Intelligent  Platform  Management  Interface 

I  HOW  IT  WORKS  IPMI  Version  2.0  defines  the  protocols  for  interfacing 
with  a  service  processor  embedded  into  a  server 
platform.  It  allows  an  off-site  administrator  to  monitor 
system  health  and  control  hardware  status,  such  as 
rebooting  a  server. 


O  Administrator  connects  via  ©  IPMI  manager  uses  IPMI  over  ©  BMC  connects  to  sensors,  redundant  power, 
Web  or  LAN  to  IPMI  manager, 
which  may  be  integrated  in  an 
out-of-band  appliance. 


IP  to  connect  to  baseboard 
management  controller  (BMC), 
which  resides  on  server 
motherboard. 


CPU,  BIOS  and  operating  system  console  via 
a  system  bus.  Administrator  can  monitor 
temperature,  fan  speed,  voltage,  CPU  speed, 
BIOS  and  operating  system  console 
messages,  or  reboot  the  server. 


■  BY  MARCIO  SAITO 

The  need  to  reduce  the  complexity  of  IT 
infrastructure  management  remains  a  pri¬ 
ority  on  every  IT  manager’s  agenda.  One  of 
the  most  prominent  open  standards 
addressing  that  need,  Intelligent  Platform 
Management  Interface,  has  been  adopted 
by  more  than  150  server  technology  ven¬ 
dors  to  provide  remote  access,  monitoring 
and  administration  for  servers  and  other 
hardware  assets. 

Version  2.0  of  the  IPMI  specification  is 
now  supported  on  many  rack-optimized 
servers  and  blade  computing  platforms. 
Servers  with  IPMI  functionality  let  network 
administrators  access  and  monitor  server 
hardware,  and  diagnose  and  restore  a 
frozen  server  to  normal  operations. 

IPMI  defines  the  protocols  for  interfacing 
with  a  service  processor  embedded  into  a 
server  platform.  This  service  processor  is 
called  a  baseboard  management  con¬ 
troller  (BMC)  and  resides  on  a  server  moth¬ 
erboard  or  on  the  chassis  of  a  blade  server 
or  telecom  platform.  A  BMC  links  to  a  main 
processor  and  other  on-board  elements 
using  a  simple  serial  bus. 

Service  processors  monitor  on-board 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr@nww.com). 


instrumentation  (such  as  temperature  sen¬ 
sors,  CPU  status,  fan  speed  and  voltages), 
provide  remote  power  control  capabilities 
to  reboot  a  server,  and  include  remote 
access  to  BIOS  configuration  and  operating 
system  console  information.  Because  a 
BMC  is  a  separate  processor,  the  system 
works  whether  a  main  processor  is  opera¬ 
tional  or  not. 

An  administrator  accesses  a  BMC  by 
using  an  IPMI-compliant  management 
application  loaded  on  a  desktop  or 
remotely  via  Web  interface  on  an  out-of- 
band  appliance  that  includes  IPMI  man¬ 
agement  firmware. 

During  normal  operations,  IPMI  lets  a 
server  operating  system  obtain  information 
about  a  system’s  health  and  control  system 
hardware.  For  example,  IPMI  enables  the 


monitoring  of  sensors  (such  as  tempera¬ 
ture,  fan  speeds  and  voltages)  for  proactive 
problem  detection.  If  server  temperature 
rises  above  specified  levels,  the  server  oper¬ 
ating  system  can  direct  the  BMC  to 
increase  fan  speed  or  reduce  processor 
speed  to  address  the  problem. 

IPMI  also  can  operate  out  of  band  (inde¬ 
pendent  of  a  production  IT  network)  to  let 
an  external  agent  monitor  system  health 
and  control  hardware  status.  IPMI  mes¬ 
sages  follow  the  same  format  whether  they 
are  received  through  an  operating  system 
or  are  sent  and  received  out  of  band.  Most 
of  the  operations  involve  sending  a  com¬ 
mand  to  a  BMC  and  receiving  a  response 
with  the  information  requested. 

Version  2.0  of  the  IPMI  specification  sup¬ 
ports  Serial  over  LAN  to  redirect  serial  con¬ 


sole  functionality  into  IPMI  over  IP 
Administrators  gain  full  remote  access  to 
text-based  system  information,  and  control 
for  BIOS,  utilities,  operating  systems  and 
applications.  Before  Version  2.0,  this  access 
was  limited  to  serial  consoles  via  secure 
console  servers. 

IPMI  Version  2.0  also  offers  major  security 
enhancements: 

•  Enhanced  authentication  support  that 
provides  stronger  processes  for  establish¬ 
ing  secure  remote  sessions  and  authenti¬ 
cating  users. 

•  Enhanced  encryption  support  that 
allows  for  secure  remote  password  config¬ 
uration  and  protects  sensitive  systems  data 
during  any  transfer  through  Serial  over 
LAN. 

•  A  firmware  firewall, a  collection  of  com¬ 
mands  that  prevent  the  execution  of  pre¬ 
defined  activities  that  could  place  the  sys¬ 
tem  at  risk. 

Despite  these  advances,  many  corpora¬ 
tions  still  do  not  use  IPMI  functionality 
even  when  it  is  included  on  installed 
servers  with  IPMI  Version  2.0  BMCs.  One 
key  factor  that  prevents  widespread  adop¬ 
tion  of  IPMI  is  its  lack  of  support  for  enter¬ 
prise  security  protocols. 

Most  likely  the  next  major  IPMI  release 
will  include  enterprise  security  support. 
Meanwhile,  IT  executives  must  choose 
between  developing  a  separate  security  sys¬ 
tem  for  IPMI  or  deploying  an  out-of-band 
appliance  with  IPMI  management  firmware 
that  supports  enterprise  security  architec¬ 
ture.  Regardless,  IPMI  Version  2.0  presents 
new  ways  to  reduce  the  cost  and  complex¬ 
ity  of  IT  infrastructure  management. 

Saito  is  CTO  at  Cyclades.  He  can  be 
reached  at  marcio.saito@cyclades.com. 
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Dr.  Internet  By  Steve  Blass 

We  have  Apache  and  Internet  Information  Systems 
Web  servers.  The  Apache  server  has  an  SSL  certifi¬ 
cate  from  VeriSign  installed.  The  IIS  server  has  a 
self-signed  SSL  certificate.  We  want  to  make  the 
SSL  security  alert  from  the  self-signed  certificate 
on  the  IIS  server  go  away  without  having  to  buy 
another  commercial  SSL  certificate.  Can  we  drive 
all  the  SSL  traffic  through  the  Apache  server  to 
avoid  the  SSL  security  alerts? 


The  Apache  modules  mod_proxy  and  mod_rewrite 
can  be  configured  so  client  browsers  will  talk  to 
your  IIS  server  through  the  Apache  server.  This 
will  establish  the  SSL  connections  using  the  com¬ 
mercial  SSL  certificate,  eliminating  the  browser 
security  warning.  Add  the  statements  “ProxyPass 
/mywebfolder  https://iis.server.name/myweb 
folder"  and  "ProxyPassReverse  /mywebfolder 
https://iis.server.name/mywebfolder"  to  your 
Apache  httpd.conf  file,  and  then  point  a  browser 


I 

at  the  address  in  https://apache.server.name/my 
webfolder,  to  view  IIS  content  through  the  Apache 
Web  server  connection.  Add  the  command 
“ProxyRequests  off"  to  the  httpd.conf  file  so  the 
server  will  not  honor  proxy  requests  f  i  om 
browsers  except  to  connect  to  your  NS  server. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@ 
changeatwork.  com. 
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Well,  we  had  lots  of  feedback  on  the 
topic  of  naming  servers  and  PCs 
after  our  column  of  a  few  weeks 
ago.  Reader  Kes  Masalaitis  wrote,  “we  got 
our  first  RISC  machine,  which  was  way 
faster  than  the  CISC  machines  we  had.  I 
was  the  sysadmin,  and  I  named  the  ma¬ 
chine  Ifastmf.  I  also  named  a  machine 
xlr8.” 

An  astronomical  theme  has  been  the 
choice  of  many  organizations.  Reader  Mike 
Palombo  said,  “Our  organization  named 
our  first  eight  servers  after  planets  —  we 
were  told  to  skip  Uranus  . . .  they  wanted  to 
avoid  announcements  . . .  such  as:  Uranus 
will  be  down  for  an  hour  [and]  there’s  a 
tape  stuck  in  Uranus.” 

Reader  Chip  Orr  wished  his  employer 
didn’t  require  the  use  of  “functional”  host 
names  “like  RBSMADECWS058,  which  only 
makes  sense  if  you  know  our  organization¬ 
al  and  building  codes.” 

Chip  also  wrote  that,  “years  ago  I  stum¬ 
bled  upon  several  amusing  host  names 
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More  on  machine  names  and  spam 


used  by  the  respiratory  sciences  depart¬ 
ment  at  a  medical  school.  They  had  hosts 
named  ‘mucous, "phlegm, “tuberculosis,’  etc. 
Their  naming  convention  cracked  me  up, 
although  I  also  felt  the  need  to  wash  my 
hands  after  accessing  any  of  their  systems.” 

Dan  Wakeman  confessed  that,  “In  my 
first  job  out  of  college  I  inherited  a 
NetWare  3.10  server  named  Elmer,  as  in 
Fudd.  It  was  a  no-name  brand  and  had 
been  set  up  by  one  of  the  programmers. 
That  server  gave  us  grief  on  and  off  for 
months. My  boss  . .  .said  ‘Dan, we’ve  got  to 
change  the  name  of  the  server.  We’re  hav¬ 
ing  cartoon  calamities’” 

Reader  Michael  Miller  said  his  company’s 
naming  scheme  “isn’t  terribly  innovative  — 
in  fact,  it’s  mentioned  in  RFC  1 178.1  use  ele¬ 
ment  names  for  systems  that  aren’t 
exposed  to  the  outside  world.” 

Michael  pointed  out  that  the  scheme  has 
a  couple  of  advantages:“First,each  name  is 
tied  to  a  number,  which  becomes  part  of 
the  IP  address  of  the  system.  For  example, 
hydrogen  could  be  10.0.0.1  and  berkelium 
could  be  10.0.0.97.That  means  I  don’t  need 
to  carry  around  a  list  of  host  names  and 
their  IP  addresses,  or  be  able  to  reach  NIS, 
LDAP  or  even  a  host  file.  I’ve  got  a  periodic 
table  on  my  desk  and  one  on  my  PDA,  but 
I  find  I  don’t  need  them  much  anymore.” 


The  second  advantage  is  “the  names 
don’t  have  any  inherent  meaning  with 
respect  to  usage,  but  there  are  groupings 
available  for  uses:  noble  gases,  lan¬ 
thanides,  actinides,  number  of  valence 
electrons,  etc.” 

Michael  pointed  out  that  “the  biggest 
downside  is  that  some  of  the  elements 
have  names  that  annoy  some  spelling- 
challenged  users.  I  might  argue  that  this  is 
a  feature.” 

We’ll  wrap  up  this  week  with  an  anti¬ 
spam  utility  we’ve  been  running  for  a  cou¬ 
ple  of  weeks  called  Qurb  from  Qurb,  Inc. 

Qurb  is  a  challenge/response  system  for 
Outlook  and  Outlook  Express  that  prevents 
“unapproved”  senders’ e-mail  from  appear¬ 
ing  in  your  in-box  until  they  do  nothing 
more  complex  than  respond  to  a  chal¬ 
lenge  message. 

The  first  time  Outlook  or  Outlook 
Express  is  launched  after  installing 
Qurb  the  program  will  scan  all  messag¬ 
ing-related  folders,  excluding  any 
unread  in-box  messages  (they  could  be 
spam)  and  any  folders  with  names  con¬ 
taining  the  words  “junk,”  “deleted”  or 
“spam.”  The  result  will  be  a  list  of  your, 
approved  senders. 

After  that,  any  messages  received  from 
unapproved  addresses  will  be  redirected 


to  your  Qurb  quarantine  folder  and  a 
challenge  will  be  sent  back  in  reply  You 
can  set  the  frequency  at  which  Qurb 
alerts  you  to  check  the  quarantine  for 
senders  who  you  want  to  get  messages 
from  but  for  whom  you  haven’t  yet 
responded  to  a  challenge.  This  is  impor¬ 
tant  because  mail  lists  and  automated 
responses  usually  won’t  reply 

As  soon  as  a  response  to  a  challenge  is 
received,  Qurb  releases  the  original  mes¬ 
sage  from  quarantine  and  moves  it  to  your 
in-box.  You  can  select  messages  from 
senders  you’d  prefer  to  have  blocked  and 
click  on  the  “Block”  button  in  the  Qurb  tool¬ 
bar.  Likewise,  you  can  approve  senders  by 
using  the  ‘Approve”  button. 

Qurb  also  includes  a  search  feature  that 
blows  away  Outlook’s  search  function. 
While  this  facility  doesn’t  offer  the  range  of 
searching  that  some  other  products  pro¬ 
vide,  we  find  that  it  is  more  than  enough  for 
most  of  the  “where  on  earth  did  we  put  that 
message”  moments  we  have. 

Qurb  works  very  well  and  appears  to  be 
making  a  significant  impact  on  our  huge 
spam  problem.  Qurb  is  a  steal  for  $30. 

Talk  to  us  at  gearhead@gibhs.com.  And 
don't  forget  Gearblog  (www. network 
world,  com /weblogs /gearblog). 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


D-Link  expands  Internet  camera  line 

At  Interop  last  week,  D-Link  Systems  showed  off  its 
newest  network  camera,  the  SecuriCam  Internet  Camera 
(DCS-6620G).  With  features  such  as  lOx  optical  and  digi¬ 
tal  zoom,  pan  and  tilt,  a  charge  coupled 
device  processor  and  a  fine-ground 
glass  lens,  the  camera  produces  live 
streaming  video  that  can  be 
accessed  via  a  Web  browser,  D-Link 
says.  It  also  supports  802.1  Ig  wire¬ 
less  LAN  connectivity  which  let  users 
place  the  camera  in  locations  away 
from  an  Ethernet  port  (the  only  loca¬ 
tion  requirement  is  a  power  outlet). 

Pricing  and  availability  for  the 
DCS-6620G  was  not  announced. 


The  SecuriCam  Internet  Camera  lets 
you  access  streaming  video  via  a  Web 
browser. 


iOGear  launches  Powerline  adapters 

IOGear  said  last  week  it  is  getting  into  the  power-line 
networking  market.The  company  launched  its  Fbwerline 
Networking  Kit,  a  set  of  adapters  that  connect  to  a 
10/100M  bit/sec  Ethernet  network  to  provide  network 


access  through  power  lines  within 
the  home.  The  adapters  include 
support  for  56-bit  DES  encryption, 
bandwidth  up  to  14M  bit/sec  and  a 
range  of  990  feet,  IOGear  says. 

The  kit  costs  about  $100  and  is 
available  now  from  catalog  resellers, 
online  resellers  and  some  retailers.  More 
information  is  available  at  the  IOGear  Web  site. 

APG  combines  mouse  with  fingerprint  scanner 

American  Power  Conversion  (APC)  last  week  launched 
its  Biometric  Mouse  Password  Manager,  an  optical  mouse 
that  includes  a  fingerprint  scanner  to  let  PC  users  man¬ 
age  their  passwords.The  device  costs  $60  and  is  available 
now  in  North  America. 

The  system  lets  a  user  log  on  to  his  PC  or  note¬ 
book  with  his  fingerprint.  It  stores  all  of 
a  user’s  passwords  so  he  doesn’t  have 
to  memorize  a  number  of  different 
passwords  for  Web-based  logons,  APC 
says.  The  software  lets  users  store  fin¬ 
gerprints  of  up  to  20  users  on  one 
computer,  comes  with  a  6-foot  USB 
cable,  and  is  compatible  with  Windows 
98,  ME,  2000  and  XP  systems.  The 
device  can  store  an  unlimited  number 
of  usernames  and  passwords,  and  pro¬ 
vides  one-touch  file  or  folder  encryp¬ 
tion  with  five  encryption  algorithms. 

InFocus  projector  targets  business,  home  use 

InFocus  is  aiming  its  new  X3  projector  at  business 
users  who  need  a  presentation  device  by  day  and  a  way 
to  display  movies  or  play  video  games  at  home  at  night. 
The  X3  will  be  available  later  this  month  for  about  $1,200, 
the  company  says. 

The  6.8-pound  projector  offers  1,600  lumens  of  bright- 


InFoous'  X3  projector 
can  be  accessed 
securely  via  wireless 
instead  of  cable. 


ness,  a  2,000:1  contrast 
ratio  and  native  XGA  resolution. 
It  includes  DarkChip2  DLP  technology 
from  Texas  Instruments,  which  aims  to  provide 
better  video  quality  when  displaying  a  DVD  or  watch¬ 
ing  a  television  show  through  the  projector,  InFocus  says 
With  the  InFocus  LiteShow  system,  users  can  securely 
access  the  projector  wirelessly  instead  of  using  cables. 

Cingular  ships  'world's  smallest’  smart  phone 

Cingular  Wireless  last  week  announced  the  availability 
of  the  Audiovox  SMT  5600  Smartphone,  which  it  says  is 
the  “world’s  smallest  Windows  Mobile-based"  smart 
phone.  It  is  available  in  select  markets  for  about  $200 
(with  a  two-year  voice  and  data  service  contract),  the 
company  says. 

The  3.6-ounce  phone  lets  users  access  Outlook  appli¬ 
cations  such  as  contacts,  calendar  and  e-mail.  It  includes 
over-the-air  synchronization  of  personal  information 
manager  functions,  supports  up  to  nine  e-mail  accounts 
(POP3  or  Internet  Message  Access  Protocol  4  mail),  and 
includes  the  Microsoft  .Net  Compact  Framework,  which 
helps  IT  mobilize  current  Microsoft-based  applications, 
Cingular  says. 

Other  features  include  32M  bytes  of  internal  RAM,  an 
integrated  digital  camera/video  camera  (VGA  resolution 
and  4x  digital  zoom),  Bluetooth  and  infrared  support, 
speaker  phone,  and  a  Windows  Media  Player  10  Mobile 
to  let  users  listen  to  music. The  device  includes  a  built-in 
mini-Secure  Digital  slot  so  users  can  expand  memory  or 
store  additional  images,  music  or  video  files. 

Shaw  can  be  reached  at  kshaw@nww.com. 


HOW  DOE 

UR  SYSTEM 
URE  UP? 


Find  out  with  WorldBench“5,  the  industry  standard 
benchmark  for  testing  PC  performance. 

•  Automated  and  Bulletproof 

Runs  completely  on  its  own  from  start  to  finish. 

•  Results  You  Can  Use 

Provides  real-world  results,  not  a  synthetic  score. 

•  Apples  to  Apples 

Combines  results  and  compares  them  to  the 
reference  system. 


WorldBench  5  uses  real  applications  based  on  mass-market 
appeal,  stability,  market  share,  and  variety: 


THE  REAL-WORLD  SYSTEM  BENCHMARK 


•  ACDSee  PowerPack 

•  Adobe"  Photoshop” 

•  Adobe  Premiere 

•  Discreet®  3ds  max'  5.1 

•  Microsoft*  Office"  XP 

•  Microsoft  Windows 
Media*  Encoder 


•  Mozilla 

•  Musicmatch  Jukebox 

•  Nero  Express 

•  Roxio  VideoWave’  Movie 
Creator" 

•  WinZip” 


WorldBench  5,  the  industrial-strength  benchmarking  tool  that 
the  PC  World  Test  Center  uses  to  analyze  desktop  and  laptop 
PCs,  is  now  available  for  purchase. 


ONLY  $249!* 


•plus  tax.'-s  and  shipj/o^ 


Go  to  www.worldbench.com/nww  and  order  to 

Your  system  will  thank  you. 


Driven  to  distraction 


5/9/05 


ON  TECHNOLOGY 

John  Dix 

Interop: 


Although  Interop  boasted  a  new  name  and  was 
hosted  in  a  new  venue,  the  hot  issues  at  the  show 
last  week  were  largely  the  same  as  last  year;  conver¬ 
gence,  security  and  wireless. 

The  conference  returned  to  its  roots  by  dropping  “Net- 
World”  from  its  name  and  shifted  out  of  the  cavernous  Las 
Vegas  Convention  Center  to  Mandalay  Bay’s  convention 
facilities,  which  better  suited  the  show  at  its  current  size  — 
300-plus  vendors,  a  fraction  compared  with  when  it  filled 
two  huge  halls  across  town. 

But  attendee  traffic  was  thick,  and  vendors  were  pleased 
with  the  buyers  they  were  seeing.  In  fact,  show  organizer 
MediaLive  is  confident  enough  in  the  show’s  direction  to 
make  another  go  at  the  East  Coast;  It  announced  it  will 
stage  another  Interop  this  December  in  New  York. The  last 
East  Coast  Interop  was  in  Atlanta  in  2001. 

One  of  the  standouts  at  this  year’s  show  was  the  Session 
Initiation  Protocol  (SIP)  interoperability  demonstration. 

The  InteropNet  Labs  VoIP  network  linked  SIP  gear  from  25 
vendors  and  supported  four-digit-extension  dialing.  At  the 
heart  of  the  network  were  SIP  proxy  servers  from  eight  ven¬ 
dors,  including  Avaya,  3Com,  Zultys,  PingTel  and  Nortel  (see 
wwwnetworkworId.com,  DocFinder:  7049). 

Despite  the  achievement  —  a  compelling  example  of 
what  SIP  can  do  —  convergence  vendors  at  the  confer¬ 
ence  seemed  more  interested  in  talking  about  VoIP  over 
Wi-Fi.  Siemens,  for  example,  rolled  out  HiPath  Wireless,  a 
family  of  wireless  LAN  products  based  on  its  acquisition  of 
Chantry  Networks,  that  it  is  positioning  as  ideal  for  both 
voice  and  data. 

As  part  of  that  announcement  Siemens  also  showed  a 
slick,  well-designed  WiFi  phone  called  OptiPoint  that  will 
be  available  in  August  for  $495.The  SIP-based  phone 
apparently  will  work  on  any  802.1 1  infrastructure. 

While  security  vendors  were  also  in  abundance  at  the 
show,  one  booth  demonstration  that  was  eyecatching  was 
by  Solsoft,  which  offers  a  tool  that  can  be  used  to  automate 
the  configuration  of  security  devices. 

In  the  demo,  the  product’s  graphical  interface  was  used 
to  draw  a  line  between  a  branch  office  and  a  finance  Web 
portal. The  tool  then  compiled  the  changes  necessary  for 
the  Juniper  NetScreen,  Cisco  PIX  and  Cisco  routers  to 
make  the  link  possible,  and  pushed  the  changes  through. 

You  can  do  in  5  to  10  minutes  with  Solsoft  what  would 
take  you  1.5  hours  to  do  manually  Solsoft  says.The  com¬ 
pany  which  says  it  has  200  customers,  supports  equipment 
from  Cisco,  Juniper,  Check  Point,  Nortel,  Symantec,  Internet 
Security  Systems  and  others. 

These  are  the  kind  of  advances  that  get  attention. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Same  topics, 
new  twists 
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Your  story  on  wireless  communications  while  dri¬ 
ving  (www.networkworld.com,  DocFinder:  7027)  is 
extremely  appropriate  these  days.  I  fear  the  day  will 
come  when  I  see  more  drivers  talking  on  cell 
phones  while  driving  than  not.  Using  hands-free 
devices  only  solves  part  of  the  problem.lt  does  noth¬ 
ing  to  resolve  the  issue  of  drivers’  concentration  and 
awareness  of  what  is  going  on  around  them. 

I  agree  that  mobile  communication  makes  us 
more  effective  and  is  a  good  thing.  I  believe,  howev¬ 
er,  that  communications  while  driving  a  car,  even 
with  hands-free  devices, should  be  permitted  only  in 
emergencies.  This  can  be  enforced  by  for  example, 
extending  the  GPS  capabilities  of  modern  phones  to 
disable  outward  and  inward  connections  except  for 
91 1  calls  at  speeds  faster  than  30  mph. 

Bill  Stevens 
Columbus,  Ohio 

The  FGG’s  real  issues 

I  want  to  thank  Johna  Till  Johnson  for  her  column 
on  how  incoming  FCC  Chairman  Kevin  Martin 
might  best  spend  his  time  (DocFinder:  7028).  In¬ 
decency  regulations  make  good  headlines,  at  least 
as  long  as  the  public’s  attention  span  holds  out,  but 
there  are  far  more  important  issues  for  the  FCC  to 
decide. 

I’m  especially  concerned  about  how  the  first  and 
third  points  Johnson  raised  intersect:  Is  it  necessary 
for  a“telecom  carrier,”  whatever  that  is,  to  give  fair  ser¬ 
vice  to  all  packets  offered  by  all  its  customers?  ISPs 
are  commercial  entities  with  a  vested  self-interest, 
and  some  of  them  may  want  to  offer  self-branded  or 
self-produced  VoIP  service  to  their  end  users.  OK,  so 
you  pay  them  some  pitiful  amount  per  month  to 

E-mail  letters  to  jdix@mvw.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


shoot  any  packets  you  want  through  their  network  to 
anywhere  you  want,  and  it  just  happens  that  some  of 
the  packets  represent  a  VoIP  conversation.  Is  it  illegal, 
immoral,  or  just  mean-spirited  and  self-serving  to 
subtly  delay  those  packets,  making  your  competitor’s 
service  look  worse?  What  constitutes  “best-effort” 
service?  Should  you  have  to  pay  extra  to  not  have 
your  VoIP  packets  sent  to  the  back  of  the  line,  or  is 
that  essentially  extortion?  What’s  the  difference  be¬ 
tween  that  and  paying  an  extra  fee  to  have  yourVoIP 
packets  sent  to  the  front  of  the  line? 

This  discussion  came  up  a  few  years  ago  when  var¬ 
ious  big  ISPs  started  blocking  outbound  access  from 
dial-up  and  broadband  customers  to  any  SMTP 
servers  on  the  outside  of  the  ISPs’  own  networks  — 
that  is,  customers  would  have  to  send  outbound 
SMTP  through  the  ISPs’  own  servers,  not  their  “pre¬ 
ferred”  home  base  server.  This  annoyed  some  cus¬ 
tomers  because  their  roaming  laptop  e-mail  config¬ 
urations  stopped  working,  and  some  business  cus¬ 
tomers  probably  had  to  negotiate  exceptions  to  the 
blocking  lists  for  their  own  small  mail  servers  (or 
had  to  start  contracting  with  the  ISP  for  permission 
to  even  have  a  small  mail  server).  But  many  others 
in  the  industry  celebrated  because  this  sort  of  block¬ 
ing  cuts  down  on  the  spread  of  spam  and  viruses 
that  attempt  to  mail  directly  to  the  remote  machine. 
Eventually  the  dust  settled,  and  customers  got  used 
to  it.  Will  VoIP  present  similar  challenges  for  cus¬ 
tomers  to  just  get  used  to? 

The  discussion  is  especially  interesting  because  of 
a  recent  study  that  showed  the  normal,  best-effort 
service  in  today’s  commercial  Internet  is  actually 
good  enough  to  support  voice  most  of  the  time.  So  if 
the  ISPs  make  excuses  that  the  Internet  just  can’t  do 
it  reliably  but  somehow  their  own  branded  VoIP  ser¬ 
vices  work  fine,  it’s  going  to  look  disingenuous. 

Jeff  Saxe 
Network  engineer 
Crutchfield 
Charlottesville, Va. 
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USER  VIEW 

Chuck  Yoke 


Five  years  ago,  I  wrote  a  column  ques¬ 
tioning  the  need  for  IPv6  because  I  felt 
IPv4  was  more  than  adequate.  Two 
years  later,  I  wrote  another  column  basically 
saying  the  same  thing  —  which  did  nothing 
to  endear  me  to  the  IPv6  contingent.  Then 
last  year,  my  interest  in  IPv6  heightened,  and 
1  wrote  a  column  recommending  that  users  consider  IPv6  for  any 
new  implementations. 

Now,  one  year  later,  1  gaze  across  the  network  horizon  and  ask,  So 
where  is  all  the  IPv6?  Even  with  all  the  hype  about  IPv6, 1  know  of  very 
few  implementations  outside  of  educational  institutions,  the  federal 
government,  telecom  companies  or  research  organizations.  In  the  cor¬ 
porate  world,  IPv4  remains  king.  And  from  what  I  can  see,  it  will  remain 
king  through  this  decade. 

That  doesn’t  mean  IPv6  is  dead.  Eventually,  most  companies  will  be 
forced  to  switch  to  IPv6  because  of  vendors  eliminating  IPv4  support. 
While  IPv6  has  definite  technical  advantages,  the  business  value  and 
functionality  doesn’t  justify  the  conversion  costs. 

The  increased  availability  of  WAN  technologies  such  as  Border 
Gateway  Protocol-based  Multi-protocol  Label  Switching  (MPI25)  VPNs 
facilitates  the  continued  use  of  both  IPv4  and  private  IP  address  spaces. 
The  highly  touted  increased  address  space  of  IPv6  still  is  not  critical  to 
most  corporations.  IPv4-based  technologies  such  as  IPSec,  SSL,  MPLS, 
Differentiated  Services  and  router-based  queuing  mechanisms  ade¬ 
quately  match  the  security  and  quality  of  IPv6  service  enhancements. 
From  an  application  perspective,  IPv6  actually  can  create  problems. 


So  where  is  all  the  IPv6? 


While  operating  system  vendors  are  shipping  IPv6  stacks  and  IPv6  ver¬ 
sions  of  HTTP  and  FTP  most  off-the-shelf  applications  are  not  IPv6- 
based  and  might  require  the  use  of  tunneling  or  other  modifications  to 
work  properly  in  an  IPv6  environment.This  only  adds  to  the  cost,  com¬ 
plexity  and  service  issues  of  an  IPv6  migration. 

As  most  corporate  IT  organizations  are  cost  centers  constantly  under 
pressure  to  reduce  expenditures  while  increasing  service,  IPv6  still  is 
seen  as  a  solution  looking  for  a  problem.  A  migration  to  IPv6  will  nei¬ 
ther  reduce  near-term  operational  costs  nor  enhance  functionality  On 
the  contrary  migrating  to  IPv6  will  create  short-term  cost  increases  and 
might  affect  service  because  of  training,  support  and  implementation 
issues.  Budgetary-constrained  IT  managers  are  opting  to  invest  their 
dollars  in  other  initiatives  that  will  solve  immediate  problems. 

While  IPv6  might  never  be  “required,”  I  think  it  will  replace  IPv4 
when  the  economics  are  right.  Most  new  equipment  supports  IPv6.  IT 
managers  are  laying  the  foundation  for  the  eventual  migration  to  IPv6 
as  they  replace  their  fully  depreciated  legacy  routers,  switches,  desk¬ 
tops,  servers  and  operating  systems  through  normal  end-of-life 
processes.  Within  five  years,  most  corporations  will  have  an  infra¬ 
structure  capable  of  supporting  IPv6.  At  that  time,  the  transition  to 
IPv6  will  become  a  “no-capital”  tactical  initiative  that  will  be  more 
financially  palatable  to  corporate  management.  Until  then,  IPv4  will 
continue  to  reign  supreme  in  the  corporate  world,  providing  cost- 
effective  networking  services  and  functionality 


While  IPv6  has 
definite  technical 
advantages,  the 
business  value 
and  functionality 
doesn't  justify 
the  conversion 
costs. 


Yoke  is  director  of  business  solutions  engineering  for  a  corporate  net¬ 
work  in  Denver.  He  can  be  reached  at  ckyoke@yahoo.com. 


CACHE  ADVANCE 

Linda  Musthaler 

Last  week  I  was  drawn  into  a  conversation 
between  two  women  who  happened  to 
be  small-business  owners.  One  woman 
was  telling  the  other  how  her  husband  occa¬ 
sionally  looks  at  their  employees’  e-mails.  Her 
mention  of  this  almost  sounded  like  a  confes¬ 
sion  —  like  her  spouse  and  business  partner 
was  guilty  of  something  he  shouldn’t  be  doing. 

I  told  both  businesswomen  the  company  owner  not  only  has  a  right 
to  look  at  the  e-mail  but  also  is  wise  to  do  so  from  time  to  time.  Reviews 
of  messages  in  a  company-provided  e-mail  system  can  reveal  misuse  of 
company  resources,  theft  of  intellectual  property  or  other  concerns. 
What’s  more,  the  contents  of  e-mail  messages  can  be  subpoenaed  in 
the  event  of  a  lawsuit, so  the  business  owner  or  executive  team  should 
know  what’s  going  through  company  systems.  Consequently  many 
employers  —  large  and  small  —  screen  employees’  messages  today 
Just  ask  Harry  Stonecipher,  whose  reign  as  CEO  of  Boeing  ended 
when  his  grievous  misuse  of  the  corporate  e-mail  system  was  revealed 
to  the  board  of  directors.  It  seems  Harry  unwisely  chose  to  send  sexu¬ 
ally  explicit  notes  to  a  secret  paramour  who  also  worked  at  Boeing. 
Given  that  Stonecipher  was  supposed  to  be  leading  the  charge  to  a 
more  “morally  proper”  company,  the  board  had  little  choice  but  to  fire 
him  as  an  example  for  all  other  employees. 

He  isn’t  the  only  person  to  assume  e-mail  content  is  private.  Many  em¬ 
ployees  make  that  assumption,  but  experts  on  labor  issues  say  employ¬ 
ees  have  no  right  to  privacy  when  it  comes  to  communications  using 
company  systems  such  as  e-mail,  instant  messaging,  telephones  and  fax 
machines.  However, it’s  important  to  fully  inform  employees  of  the  com¬ 
pany’s  policy  regarding  the  use  of  such  resources. 

Does  your  organization  have  a  published  policy  on  the  use  of  your 
e-mail  system,  and  do  you  adequately  train  employees  on  that  policy 
and  what  is  acceptable  use  of  e-mail?  According  to  a  2004  survey  con¬ 
ducted  by  the  American  Management  Association  and  The  eFblicy 


E-mail  snooping:  A  smart  strategy 


Institute,  79%  of  the  840  responding  companies  say  they  have  a  written 
policy  governing  the  use  of  e-mail.  However,  only  54%  of  the  surveyed 
companies  conduct  e-mail  policy  training. 

The  survey  also  revealed  that  most  companies  monitor  the  content  of 
incoming  and  outgoing  e-mail.  However,  only  27%  of  the  companies 
monitor  the  content  of  e-mail  flowing  within  the  company  where  famil¬ 
iarity  might  lead  to  passing  around  inappropriate  content. 

Companies  that  don’t  conduct  policy  training  or  monitor  internal 
messages  can  be  putting  themselves  at  risk.  In  2003,  oil  company  Chev¬ 
ron  USA  paid  $2.2  million  to  settle  a  sexual  harassment  lawsuit  over  its 
e-mail  content.  The  allegations  were  made  by  a  group  of  women 
employees  who  alleged  a  Chevron  subsidiary  allowed  its  internal 
e-mail  system  to  be  used  to  transmit  sexually  offensive  messages. 

A  workforce  that  is  educated  about  and  routinely  reminded  of  your 
email  policy  is  the  first  line  of  defense  for  your  company  People  who 
see  the  policy  flashed  on  the  screen  during  logon  are  more  likely  to 
comply  with  your  rules.  What’s  more,  in  the  event  of  a  lawsuit  or  crimi¬ 
nal  activity,  a  company  that  can  demonstrate  its  allegiance  to  policy 
and  training  could  be  treated  favorably  by  the  courts. 

An  employee  of  American  Family  Insurance  was  found  to  be  receiv¬ 
ing  child  pornography  on  his  company  computer.  The  company  was 
not  held  liable  for  the  employee’s  action  because  it  could  prove  that  it 
has  an  active  policy  against  such  use  of  the  computer.  In  order  for  the 
employee  to  gain  access  to  his  company  network,  he  had  to  acknowl¬ 
edge  the  policy  as  part  of  the  logon  process.  Unfortunately  for  him,  he 
ignored  the  policy  and  got  caught. 

So  employers,  whether  your  company  is  large,  small  or  in  between, 
don’t  feel  guilty  about  taking  a  peek  at  what’s  flowing  through  your  net¬ 
work;  it  is  your  right  and  responsibility  If  you  shut  your  eyes  to  potential 
problems,  even  larger  problems  could  arise. 


Companies  that 
don't  conduct 
policy  training 
or  that  don't 
monitor  internal 
messages  can  be 
putting  them¬ 
selves  at  risk. 


Musthaler  is  vice  president  of  Currid  &  Company,  a  Houston  tech¬ 
nology  assessment  firm.  She  can  be  reached  at  linda@currid.com. 


Addressing 
the  problem: 

aQykik.  How- many  IP 
■; addresses  are; you  manag¬ 
ing?  When  was  ‘he  last  time 
you  checked  to  see  if  all  the 
IP  addresses  were  being 
'used?  And  do  you  have  an 
automated  system  for  man¬ 
aging  IP  address  changes?, 
IP  address  management  is 
taking  on  greaterimpor-'  T 
tartce  for  a  number  of  rea¬ 
sons.  in. this  Technology  - 
Insider,  we  Ml  i  ay  out  the 
problem  and  describe  how . 
your  peers  are  handling  it. 


IP  address  management  comes  to  the  forefront  as 
IT  shops  work  to  deliver  more  serv  res  and  ensure 
their  networks  remain  available  and  secure, 


■  BY  DENISE  DUBIE 


ill  McGregor  isn’t  an 
accountant,  but  still  his  job 
requires  that  he  keep  tabs 
on  20,000  numbers  at  once. 


As  I  .AX  network  and  security  team  member  for 
Reuters  in  London,  the  numbers  McGregor  moni¬ 
tors  are  IP  addresses,  whirl)  represent  more  than 
10,000  servers  and  network  devices.  According  to 
McGregor,  il  the  numbers  don’t  match,  customers 
simply  don’t  get  the  II*  services  or  applications 
they’ve  requested  from  the  media  giant’s  network. 

“Yon  can’t  have  any  IP  address  conflicts  because 
the  IP  services  will  eventually  stop  working.  The 
routers  won’t  know  where  to  pass  the  packets  to 
next,  and  that  would  boa  complete  disaster,"  lie 
says.  "IP  address  management  is  absolutely  critical, 
and  it  just  keeps  getting  more  complex,” 

IP  address  management,  the  practice  of  maintain¬ 
ing  an  up-to-date  repository  of  all  IP  addresses  with¬ 
in  any  given  networks  historically  has  involved  man¬ 
ual  inventories  and  Kxcel-like  spreadsheets  that 
could  hft  updated  when  new  devices  were  added. 
Blit,  according  to  Forrester  Research,  25%  of  com¬ 
panies  surveyed  have  moved  beyond  those  rudi¬ 
mentary  methods  to  internally  developed  apps. 
Another  2(1%  use  third-party  tools  to  ease  II’  address 
management:. 

Several  factors  are  driving  IP  address  management 
from  the  hack  I  aimer  to  a  more  prominent  place  oil 
the  IT  to  do  list. 

•  Data  center  consolidation  is  sending  more  LAN 

See  Numbers,  page  42 


Lucent  wins 
Clear  Choice 
Test: 

We  tested  three  enter¬ 
prise-ready  IP  address 
management  tools, 
and  Lucent's  VitalQIP 
wins  our  Clear  , 

Choice  Award  for  its 
fast  performance, 
scalability,  feature- 
rich  options  for  deal¬ 
ing  -with-IP  addresses. ' 
Page  44. 


USC  is  a  big  network,  with  about 
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. . .  withoot  managing  them,  it  would 
get  pretty  messy  very  quickly.” 

JAMES  WIEDEL,  DIRECTOR  OF  NETWORKING 
UNIVERSITY  OF  SOUTHERN  CALIFORNIA 


The  blade  made  for  Linux.  The  tools  to  make  it  better. 


Put  a  world  leader  in  blades  and  Linux  to  work  for  you.  More  and  more  businesses  are  finding  that  HP  BladeSystem  servers  are  the  tool  their  data  center  needs. 
One  reason  is  that  HP's  blades  are  optimized  for  Linux.  Not  only  do  they  ship  with  powerful  software  tools,  like  HP  Systems  Insight  Manager™  and  ProLiant 
Essentials,  they  also  run  key  Linux  apps  from  software  partners  like  PeopleSoft  and  Oracle.  And  with  powerful  AMD  Opteron™  Processors,  you  get  maximum 
performance  now  as  well  as  the  flexibility  to  transition  to  64-bit  computing  now  or  in  the  future.  In  short,  HP  offers  you  the  advantages  of  blades,  Linux 
and  legendary  HP  reliability  all  in  one  neat,  affordable  package.  Get  more  support,  technology  and  advice  from  HP.  So  you  can  build  the  I.T.  you  need. 


HP  ProLiant  BL25p  Blade  Server 


HP  ProLiant  BL35p  Blade  Server 


THE  SOLUTIONS 

THE  BENEFITS’ 

•  BL25p:  2  AMD  Opteron™  Processors  Model  200 

•  Up  to  23%  savings  on  acquisition  cost 

(up  to  2.6QGHz) 

•  Up  to  23%  less  power  consumption 

•  BL35p:  2  AMD  Opteron™  Processors  Model  200 
(2.40GHz) 

•  Up  to  93%  fewer  cables 

•  BL25p:  Up  to  48  servers  per  rack 

•  43%  less  space  needed  for  same  number  of 
processors 

*  BL35p:  Up  to  96  servers  per  rack 

•  Hot-swappable  server  design 

•  HP  Systems  Insight  Manager™  for  Web-based 
networked  management  through  a  single  console 

•  Single  interface  for  local  and  remote  management 
of  servers,  storage,  software  and  networking 

•  Rapid  Deployment  Pack  for  ease  of  deployment 

and  ongoing  provisioning  and  reprovisioning  in 
Linux-mixed  OS  environments  (optional) 

Enhance  your  system. 


HP  STORAGEWORKS  MSA1500CS 

-  Up  to  24TB  of  capacity  (96  250GB  SATA  drives)  -  Up  to  16TB  of  capacity 
(300GB  SCSi  drives)  -  Ability  to  mix  SCSI  and  Serial  ATA  enclosures  for 
greater  flexibility  -  2GB/1GB  Fibre  connections  to  host  flexibility 


Save  up  to  $844  on  the  4-hour  response,  24-hour-a-day,  3-year  warranty  upgrade2 


Save  $1,744  when  you  purchase  an  HP  BladeSystem  enclosure 
and  8  BladeSystem  Management  Suite  Licenses.3 

CALL 

1-866-625-3909 

CLICK 

www.hp.com/go/bladesmag52 

CONTACT 

your  local  reseller 
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i  n  v  e  it  » 


1.  Based  on  internal  HP  testing;  compared  to  similarly  configured  HP1U,  2P  server  with  SAN  connectivity.  For  configurator,  please  visit:  http://h30099.www3.hp.com/configurator/catalog-issipc.asp.  2.  Otter  va'id  through  7/31/05  on 
purchase  of  four-hour  response,  24-hour-a-day,  three-year  warranty  upgrade  for  MSA  1000  or  MSA  1500  products.  3.  Offer  valid  through  8/31/05  on  purchase  of  HP  BladeSystem  enciosuie  and  eight  BladeSystem  Management 
Suite  licenses.  Offers  valid  in  U.S.  only.  Offers  cannot  be  combined  with  any  other  offer  or  discount  and  are  good  while  supplies  last.  See  Web  site  for  full  details.  Linux  is  a  U.S.  registered  trademark  of  Linus  Torvalds.  Oracle  is  a  registered 
U.S.  trademark  of  Oracle  Corporation,  Redwood  City,  California.  AMD,  the  AMD  Arrow  Logo,  AMD  Opteron  and  combinations  thereof  are  trademarks  of  Advanced  Micro  Devices,  Inc.  ©2005  Hewlett-Packard  Development  Company,  L.P. 


Address  overload 


About  190  IT  professionals 
surveyed  report  IP  address 
management  poses  multiple 
challenges  for  network 
managers. 


Accurately  configuring  DNS  and 
DHCP  servers  in  accordance  with 
IP  allocations 

21% 


Finding  duplicate 
numbers 

4% - 


Renumbering  due  to 
merger/acquisition 

8% 


Implementation  of  new 
services,  such  as  VoIP 

11% 


IP  management  roadblocks 


Respondents  said  there  are  technical 
and  cultural  barriers  to  improving 
IP  address  management  in  their 
organization. 


Forecasting  IP 
address  capacity 
requirements 

19% 


Accurately 
allocating 
address  space 

19% 


Renumbering 
due  to  changes 
in  the  network 

17% 


Other  projects  have  higher  priority 


Cost  of  IP  address  mgmt.  tools/lack  ROI 


Lack  of  management  visibility  to  IP  address  mgmt.  issues 


Limited  capabilities  of  IP  address  mgmt.  tools 


Lack  of  in-house  resources 


Organizational/process  issues 


Lack  of  in-house  expertise 


Difficulty  implementing 


1 49% 


43% 
41% 


37% 

37% 

36% 


[19% 

117% 


SOURCE:  INS.  APRIL  2005 


Numbers 

continued  form  page  40 

applications  over  the  Internet,  which  is  driving  efforts  to 
better  manage  IP  addresses  within  IT  shops. 

•  VoIP  by  making  phones  an  IP  device,  potentially  dou¬ 
bles  the  number  of  IP  addresses. 

•  Security  concerns  in  terms  of  network  access  and 
potential  virus  infection  from  unknown  devices  are  forcing 
companies  to  better  manage  network  access. 

•  The  demand  to  deliver  QoS  and  applications  to  end 
users  is  pushing  IT  managers  to  more  closely  monitor  IP 
addresses. 

“We  used  to  have  lots  of  disparate  networks,  subnets, 
small  groups  of  servers,  and  it  wasn’t  organized,  but  now 
we’re  centrally  managing  it  all  at  this  data  center"  McGregor 
says.“It’s  a  much  more  complex  map  of  what  is  there  and 
what  needs  to  talk  to  each  other,  to  the  Internet  and  to 
servers  on  the  other  side  of  the  Internet.” 

A  number  of  vendors,  including  Cisco,  Incognito,  INS, 
Lucent,  Metainfo,  Nominum,  Nortel  and  ApplianSys,  are 
shipping  tools  to  help  network  managers  maintain  an  in¬ 
ventory  of  the  IP  addresses  in  their  network,  subnets,  virtual 
LANs  and  more.  Using  either  software  installed  on  a  server 
or  bundled  on  an  appliance,  IP  address  management  prod¬ 
ucts  are  designed  to  keep  an  up-to-date  inventory  of  the  net¬ 
work  addresses  in  use.  Some  products  simply  serve  as  a 
repository  for  data  that  must  be  manually  updated  by  net¬ 
work  engineers,  while  other  products  claim  to  dynamically 
discover  new  devices,  collect  IP  address  information  from 
them  and  ensure  there  is  no  duplication. 

“The  evolution  and  adoption  of  IP  address  management 
processes  and  tools  has  taken  much  longer  than  one 
would  expect,”  says  Thomas  Mendel,  a  principal  analyst 
with  Forrester. “There  will  be  a  significant  uptake  in  this 
area  in  2005  and  2006  because  IT  managers  have  to  con- 
l  tinue  to  deliver  services  as  the  number  of  addresses  esca¬ 

lates.  Products  can  help.” 

IP  by  the  numbers 

An  IP  address  has  two  parts,  the  identifier  of  the  network 
and  an  identifier  of  the  device,  so  a  complete  IP  address 
needs  both  the  unique  network  number  and  host  number. 
“Like  a  post  office,  you  look  at  the  ZIP  code  first,  not  the 
local  address.  In  a  network,  get  the  packet  close  to  the  des¬ 
tination  based  on  a  summarized  route  and  let  the  local 
routers  deliver  it,” says  one  network  manager  at  a  health¬ 
care  provider  in  NewYork.“IP  address  management  signifi¬ 
cantly  reduces  management  and  troubleshooting  time  by 
being  able  to  quickly  look  at  problems  and  immediately 
know  where  to  look.” 

But  IP  management  is  more  than  tracking  numbers;  it 
also  requires  matching  and  passing  numbers  out  to  users 
via  DNS  and  DHCP  DNS  serves  as  a  phone  book  of  sorts, 
matching  up  numbers  with  names.  For  example,  a  DNS 
server  would  align  the  names  of  objects, such  as  a  server, 
into  the  numeric  IP  address  associated  with  the  name. 
And  a  DHCP  server  is  used  to  automatically  assign  TCP/IP 
settings  to  clients.  IP  addresses  come  from  a  pool  defined 
in  the  DHCP  server’s  database,  and  the  server  grants  the  IP 
address  for  a  specified  amount  of  time,  called  a  lease. 

According  to  a  recent  INS  survey  of  some  190  IT  pro¬ 
fessionals,  as  the  need  for  IP  address  management  con¬ 
tinues  to  grow  so  does  the  complexity  of  IP  networks 
(see  graphic).  The  survey  revealed  that  not  only  does 
managing  thousands  of  IP  addresses  pose  multiple  chal¬ 
lenges  to  network  managers,  but  also  the  cost  and  com¬ 
plexity  of  putting  vendor  products  in  place  represents  a 
barrier  to  more  than  40%  of  IT  shops  surveyed.  Close  to 
50%  of  respondents  also  said  other  IT  projects  take  prior¬ 


ity  over  IP  address  management. 

USG  remains  old  school 

“USC  is  a  big  network,  with  about  65,000  addresses  that 
are  not  all  located  in  one  building,  but  across  200  loca¬ 
tions,”  says  James  Wiedel,  director  of  networking  at  the  Uni¬ 
versity  of  Southern  California  in  Los  Angeles.  “So  without 
managing  them,  it  would  get  pretty  messy  very  quickly’ 

The  practice  of  doling  out  IP  addresses  within  a  specific 
range,  ensuring  there  is  no  duplication,  timing  out 
addresses  for  temporary  use  and  simply  keeping  track  of 
thousands  of  devices  has  always  been  important.  But  in 
essence,  as  networks  grow  more  complex  and  more  com¬ 
panies  deliver  IP  services  over  the  Internet,  the  demands  of 
IP  address  management  will  overwhelm  network  engi¬ 
neers  in  charge  of  keeping  traffic  flowing  to  and  from  mul¬ 
tiple  addresses. 

Wiedel  uses  the  old-school  system  of  spreadsheets  to 
keep  track  of  IP  addresses,  but  says  he  still  runs  into  prob¬ 
lems,  such  as  timed-out  addresses.  He  explains  that  being  a 
university  his  team  often  allocates  addresses,  but  isn’t 
aware  of  when  those  addresses  become  unused. 

“We,  as  a  central  administration,  do  not  find  out  that  the 
old  machine  is  permanently  gone  from  the  network  until 
we  look  for  [media  access  control]  addresses  that  haven’t 
been  used  in  months,”  he  says.  “We  are  in  the  process  of 
revamping  our  network  with  a  new  range  of  IP  addresses 
and  are  planning  to  find  nice  big  holes  in  the  old  range 
that  can  ultimately  be  collected  and  reused.” 

Representatives  from  Nortel  and  Metainfo  say  vendor 
products  also  can  keep  a  tally  of  timed-out  addresses,  as 
Wiedel  detailed,  to  ensure  “chunks  of  addresses  don’t  go 
unused.”The  vendors  also  can  help  IT  shops  manage  DNS 
and  DHCP  servers,  in  relation  to  IP  address  management. 

Reuters  opts  for  Optivity 

Unlike  Wiedel,  Reuters’  McGregor  depends  upon  vendor 
tools  to  manage  IP  addresses.  He  uses  Nortel’s  Optivity 


NetID  to  stay  on  top  of  addresses,  but  says  he  will  be  re¬ 
questing  more  auto-discovery  capabilities  and  intelligent 
correlation.  For  example,  one  server  could  have  four  inter¬ 
faces,  which  requires  four  IP  addresses.  Currently  McGregor 
must  manually  enter  duplicate  information,  such  as  the 
machine  location, serial  number  and  so  on,  for  each  inter¬ 
face.  He  says  the  practice  is  time-consuming  and  repre¬ 
sents  more  opportunities  for  errors. 

“I’d  like  to  see  more  automation  in  the  product.  Right 
now,  it  prompts  me  for  the  same  information  that  I  already 
entered  under  a  different  IP  address.To  me,  that  makes  too 
much  room  for  error,”  McGregor  says.  “I’d  also  like  to  see  a 
‘manager  of  managers’  and  decide  if  Reuters  should  con¬ 
tinue  to  manage  its  IP  addresses  regionally  or  if  we  should 
install  a  global  system.” 

Forrester’s  Mendel  agrees.  He  says  vendor  tools  simply 
don’t  measure  up  to  enterprise  company  requirements. 

‘A  lot  of  the  technology  out  there  is  10  to  15  years  old, and 
many  enterprise  companies  don’t  have  proper  processes 
in  place,”  Mendel  says. 

Vendors  need  to  incorporate  auto-discovery  features, 
Mendel  says,  to  ensure  the  repetitive  data  entry  that  Mc¬ 
Gregor  mentions  doesn’t  result  in  errors  and  ultimately 
routing  failures.  According  to  Forrester,  15%  of  overall 
downtime  in  companies  is  caused  by  network  problems. 
The  research  firm  attributes  the  majority  of  that  time  to 
manual  errors  in  configuring  and  changing  DNS  and 
DHCP  servers. 

While  vendors  work  on  their  wares,  Mendel  advises  IT 
managers  to  take  a  look  at  their  processes  to  ensure  they 
have  a  proper  handle  on  IP  address  management.  He  says 
the  growing  adoption  of  the  best  practices  in  the  Infor¬ 
mation  Technology  Infrastructure  Library  will  help, 
Reuters’  McGregor  agrees. 

“To  really  get  the  most  of  out  vendor  products,  network 
managers  have  to  plan  the  use  of  their  address  space  really 
well  in  advance.  There  has  to  be  an  idea  of  having  con¬ 
tiguous  address  space  for  your  network,”  he  says.  ■ 


- 


>>  Juniper  Networks  would  like  to  congratulate  all  the  participants  of  the  first  annual 
Network  World  Renovator  Awards.  Winning  Renovators  displayed  an  ingenious 
understanding  of  technology  -  proving  a  business  case  for  a  network-wide  renovation, 
while  creating  striking  new  business  opportunities. 

Now,  good  luck  to  those  leading  the  charge  for  the  '06  awards. 


VitalQIP  is  fast  and  scalable,  Meta  IP  offers  security  and  useful  reports 
and  ApplianSys’  DNSBox  300  is  an  easy-to-deploy  plug-and-play  device. 


■  BY  BARRY  NANCE,  NETWORK  WORLD  LAB  ALLIANCE 

When  your  company’s  IP  address  list  begins  to  rival  the  Manhattan  phone  book, 
it’s  time  for  a  serious  IP  address  management  tool.  Dealing  with  a  growing  and 
rapidly  changing  population  of  IP  addresses  is  a  tedious  and  dismal  chore,  espe¬ 
cially  if  you’re  assigning  client  addresses  with  the  old-fashioned  static  IP  address 
approach,  using  a  spreadsheet  or  piece  of  paper,  or  if  you’re  manually  juggling  mul¬ 
tiple  Domain  Name  Server  and  Dynamic  Host  Configuration  Protocol  servers  to 
track  and  lease  addresses. 


DNS  and  DHCP  services  included  with  Windows 
Server  2000  or  2003  are  an  option,  but  you  might  need 
better  performance  (quicker  DHCP  IP  address  lease 
responses  and  DNS  name  resolutions  than  Windows 
delivers)  or  higher  security.  For  example, Windows  DNS 
services  don’t  support  encrypted  zone  transfer  and 


update  features  like  most  non-Windows  DNS  server 
products  do. 

We  invited  several  IP  address  management  tools  to 
our  Alabama  lab  for  testing.  Metainfo  (Meta  IP  Enter¬ 
prise  5.6  and  SA-500  DNS/DHCP  appliance),  Applian¬ 
Sys  (DNSBox  300  and  DNSBox  100)  and  Lucent 

See  IP,  page  46 


Appliance 

factor 


The  ApplianSys  DNSBox  appliance  offers  easier 
installation  and  maintenance. 

etalnfo  and  Lucent  offer  a  soft¬ 
ware-only  central  console  and 
the  other  components  in  either 
appliance  or  software  form.  The  Applian¬ 
Sys  DNSBox  product  is  appliance-only. 
Appliances  are  naturally  easier  to  install 
and  can  be  easier  to  maintain,  especially 
at  remote  locations.  The  software-based 
approach  can  be  attractive  if  you  have 
servers  with  spare  capacity  to  run 
DNS/DHCPservices. 

A  DNS/DHCP  network  appliance  might 
perform  faster  or  slower  than  your  own 
hardware,  depending  on  the  vendor's 
design  and  what  computers  you  have 
available  for  running  the  software. 
Reliability  also  is  a  major  consideration 
when  buying  appliances.  For  example,  the 
DNSBox  systems  are  Linux-based  appli¬ 
ances  that  boot  and  run  from  a  pair  of 
Compact  Flash  cards  rather  than  a  disk 
drive.  With  no  moving  parts  and  no  alter¬ 
able  or  deletable  operating  system  files, 
a  CF  card  boot  enhances  reliability. 
Performance-wise,  the  DNSBox  300  con¬ 
tains  a  1-GHz  Pentium  III  processor,  512M 
bytes  of  RAM  and  a  10/100M  bit/sec 
Ethernet  port.  The  DNSBox  100  has  a  1.7- 
GHz  Celeron  processor  with  512M-bytes 
of  PC2100  DDR  memory  and  a  10/100 
Ethernet  port. 

—  Barry  Nance 
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Company: 

Lucent, 
www.lucent 
.com  Cost: 

From  $0.70  to  $5.00  per  node.  Pros: 
Fast,  scalable;  intuitive  interface. 
Cons:  No  IPv6  support  yet;  no  Linux 
GUI. 


Metalnfo 
Meta  IP  5.6 
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Company:  Metalnfo,  www.metainfo 
.com  Cost:  $75,000  for  Enterprise 
50k  Bundle  (two  Manager  Servers, 
10  DNS  Servers,  10  DHCP  Servers 
and  50,000  IP  addresses).  Pros: 
Good  security;  flexible  IP  address 
management.  Con:  SA  500 
appliance  should  have  two  hot- 
swappable  power  supplies. 


Company:  ApplianSys,  www.appli 
ansys.com  Cost:  $10,950  for  the 
DNS-Box  300  and  $2,950  for  the 
DNSBox  100.  Pros:  Simple, 
straightforward  plug-and-play 
devices  with  a  browser-based 
interface.  Con:  Appliances  should 
have  two  hot-swappable  power 
supplies. 


The  breakdown 

VitalQIP 

Meta  IP 

DNSBox 

Performance  20% 

5 

4 

3 

IP  address  management  20% 

4 

4 

3 

Ease  of  use  20% 

4 

4 

3 

Scalability  10% 

5 

4 

4 

Security  10% 

4 

5 

4 

Installation  10% 

3 

4 

5 

Documentation  10% 

5 

5 

3 

TOTAL  SCORE 

4.3 

4.2 

3.4 

;  5;  Exceptional;  4:Verygpod;  3:  Average:  2:  Below  average;  1:  Consistently  subpar 
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i  •;  PACKETEER  , 


Bandwidth,  compression,  or  probes  simply  won’t  solve  your  WAN  performance 
problems.  Only  Racketeer  enables  you  to  protect  vital  applications,  pace 
greedy  traffic,  limit  recreational  usage,  and  block  malicious  traffic — so  all  your 
locations  will  run  as  smoothly  as  HQ.  Respond  now  for  our  free  handbook, 


The  4  Essentials  of  WAN  Optimization,  and  learn  how  to  optimize  any  WAN  to 
ensure  maximum  performance  for  critical  applications  such  as  SAP,  Oracle, 
Citrix,  VoIP,  Email,  and  hundreds  more.  Go  to  www.packeteer.com/four. 


Racketeer  —  the  WAN  optimization  leader  with  over 
7,000  customers  in  50+  countries  extends  WAN 
application  control  to  the  edge  of  your  network. 


FREE  HANDBOOK 

Discover  the  key  components 
for  ultimate  WAN  performance, 
while  eliminating  the  root  causes 
of  lethargic  WAN  applications. 
Download  your  free  copy  now  at 
www.packeteer.com/four. 


£  2005  Packeteer.  Racketeer  and  the  Racketeer  logo  are  registered  trademarks  of  Packeteer  Inc.  AH  rights  reserved.  All  other  product  or  company  names  are  the  property  of  their  respective  owners. 
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(VitalQiP  6. 1  with  Service  Pack  1)  accepted 
our  invitations.  Other  vendors  declined  to 
have  their  products  evaluated  (see  How 
we  did  it,  below). 

Our  tests  aimed  to  find  a  tool  that  could 
flexibly  and  efficiently  assign  IP  addresses 
to  all  our  IP  devices,  centrally  manage  all 
the  address  information  across  a  corpo¬ 
ration,  quickly  and  effortlessly  equate 
host  names  with  IP  addresses,  scale  well, 
be  intuitive  to  use  and  be  pervasively 
platform-neutral.  The  tool  also  should 
have  useful  reports  and  integrate  with 
custom-written  applications,  cooperate 
with  Active  Directory,  be  Lightweight 
Directory  Access  Protocol  (LDAP)-aware 
and  robustly  deal  with  badly  formed  or 
non-compliant  DHCP  requests.  The  sys¬ 
tem  also  needed  to  be  highly  fault-toler¬ 
ant  and  enforce  security  to  help  keep 
hackers  at  bay. 

Lucent’s  VitalQiP  wins  our  Clear  Choice 


SYSItr-t- Mrqfln&ahnn  ;qtpr»anl 
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Award,  but  just  by  a  whisker. VitalQiP  gave 
us  fast  performance,  scalability  feature-rich 
options  for  dealing  with  IP  addresses  and 
an  intuitive  user  interface.  The  software  is 
an  enterprise-ready  tool  to  organize  and 
manage  virtually  any  set  of  IP  addresses,  no 
matter  how  large  or  complex.  Metainfo’s 
Meta  IP  Enterprise  has  excellent  security 
and  reporting  features,  while  ApplianSys’ 
DNSBox  units  are  easily  installed  plug-and- 
play  DNS/DHCP  appliances. 

IP  Management  101 

We  were  highly  impressed  with  VitalQIP’s 
ability  to  discover,  manage  and  administer 
a  complete  picture  of  IP  addresses  across 
an  entire  corporate  infrastructure,  includ¬ 
ing  all  the  DNS,  BOOTP  and  DHCP  servers 
across  all  networks  and  subnets.  VitalQiP 
maintained  a  device  profile  for  every  IP 
address  and  accurately  tracked  the  status 
of  each  address  —  such  as  used,  unused, 
reserved,  pending  a  move  or  available. 

VitalQiP  includes  an  enterprise  server, 
remote  server,  Web  client  interface,  GUI 
client  and  distributed  services.  It  works 
with  either  a  Sybase  or  Oracle  relational 
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Like  VitalQiP,  Meta  IP  shows  IP  devices  and  addresses  in  expandable  tree  form. 


VitalQIP's  native  client  GUI  makes  organizing  and  administering  IP  addresses  a  painless  process. 


database  to  store  the  IP  address  data, 
configuration  settings  and  event  data. 
Lucent  bundles  Sybase  Adaptive  Server 
with  VitalQiP 

The  remote  server  component  includes 
a  DHCP  server,  DNS  server,  Microsoft 
DHCP  support,  IBM  DHCP  support  and  a 
DNS  update  service.  Unlike  Meta  IP  thq 
product  does  not  yet  support  IPv6. 

The  system’s  IP  Node  Discovery  feature 
did  a  credible  and  accurate  job  of  survey¬ 
ing  our  network  to  locate  and  identify 
ranges  of  IP  addresses  currently  in  use. 
Running  in  the  background  unobtrusively 
IP  Node  Discovery  on  a  large  network  can 
even  reveal  the  use  of  IP  address  ranges 
you  didn’t  even  know  were  on  your  net¬ 
work.  When  we  configured  VitalQiP  to  inte¬ 
grate  with  Active  Directory  it  found  our 
Active  Directory  tree,  and  thereafter  it  qui¬ 
etly  but  effectively  kept  Active  Directory 
aware  of  our  IP  addressing  schemes  and 
assignments. 

We  liked  that  VitalQiP  and  Meta  IP  sup¬ 
port  the  relatively  recent  updates  to  RFCs 
3396  (Long  Options  Support), 3442  (Class¬ 
less  Static  Route  Option)  and  3397 
(Domain  Search).  VitalQiP  also  supports 
DHCP  Option  82  information. 

Meta  IP  uses  a  three-tier  architecture  of  a 


management  console,  manager  server 
and  BIND-based  DNS/DHCP  services.  The 
management  console  provides  the  user 
interface,  and  the  manager  server  is  Meta 
IP’s  LDAP-based  repository  for  IP  address 
configuration  data  and  address  pools.  In 
our  tests,  the  manager  server  and  DNS/ 
DHCP  services  ran  on  the  SA-500  appli¬ 
ance,  while  the  management  console  ran 
on  Win  2000  Advanced  Server.  Metalnfo 
says  these  functions  also  can  run  on 
Windows  and  Unix. 

To  enhance  uptime  and  availability  one 
SA-500  can  be  primary  and  the  other  can 
act  as  a  secondary  failover  device.  Both 
the  SA-500  and  DNSBox  models  are  1U 
rack-mounted  with  single  power  supplies, 
potentially  a  point  of  failure.  We  feel  these 
should  have  dual,  hot-swappable  power 
supplies  to  eliminate  this  failure  point. 

The  Meta  IP  DNS  service  closely  inte¬ 
grates  with  Microsoft  Active  Directory.  In 
one  of  our  tests,  we  used  the  Windows 
Active  Directory  wizard  to  easily  and  pain¬ 
lessly  link  a  domain  controller  to  Meta  IP 
create  forward  master  zones  and  create 
optional  slave  zones.  In  the  resulting  con¬ 
figuration,  Meta  IP  controlled  and  directed 
DNS  operations  across  a  company  con- 

See  IP,  page  48 


m  How  Wo  Did  It 


Our  test  environment  consisted  of  six  routed  Fast 
Ethernet  subnet  domains  and  aT-1  Internet  con¬ 
nection.  The  Internet  link  let  us  perform  mas¬ 
sive  zone  transfers  and  other  large-scale  iP  address 
operations,  but  most  of  our  testing  was  local. 

We  ran  VitalQiP  and  the  Meta  IP  management  con¬ 
sole  on  a  four-way  Compaq  ProLiant  ML570  700  MHz 
computer  with  Pentium  III  CPUs,  2G-bytes  of  RAM 
and  six  18G-byte  SCSI  RAID  drives.  The  operating 
system  was  Windows  2000  Advanced  Server  with 
Service  Pack  4.  Metalnfo  sent  us  an  SA-500 
DNS/DHCP  appliance,  while  ApplianSys  shipped  both 
a  DNSBox  300  DNS/DHCP  Master  and  a  DNSBox 
100  DNS  Slave  appliance. 

Each  subnet’s  25  client  computers  were  a  mix  of 


Win  2000  Professional,  NT  Workstation  4.0,  Windows 
98,  Windows  ME,  Windows  XP,  Red  Hat  Linux  7.0  and 
Macintosh  platforms. The  relational  databases  on  the 
network  were  Oracle  8i,  Sybase  Adaptive  Server  11.5 
and  Microsoft  SQL  Server  2000.  Win  2000  and 
NetWare  5.1  shared  files,  while  Internet  Information 
Server,  Netscape  and  Apache  software  served  up 
Web  pages.  An  Agilent  Advisor  protocol  analyzer 
decoded  and  displayed  network  traffic. 

We  tested  each  product's  ability  to  dynamically  dis¬ 
tribute  IP  addresses,  equate  IP  addresses  to  host 
names,  register  IP  addresses  in  directory/name  reso¬ 
lution  services  and  maintain  a  repository  of  IP 
addresses  and  host  names.  We  also  looked  for  scala¬ 
bility,  security,  ease  of  use  and  task  automation. 


To  simulate  a  high  volume  of  DNS/DHCP  requests, 
we  ran  several  concurrent  instances  of  a  C++  pro¬ 
gram  that  issued  both  valid  and  invalid  DHCP-DIS- 
COVER  messages.  To  test  performance,  we  mea¬ 
sured  how  quickly  each  DHCP  server  responded  to 
50,000  IP  address  requests.  We  also  moved  clients 
from  one  subnet  to  another,  gave  unique  values  to  the 
DHCP  client  ID  field  and  assigned  different  values  to 
the  user  class  ID  and  vendor  class  ID  DHCP  parame¬ 
ters  to  see  how  the  DHCP  servers  responded. 

We  invited  all  major  vendors  with  IP  address  man¬ 
agement  products  to  participate  in  the  test.  Cisco, 
Nortel,  Nominum,  Incognito,  EfficientlP,  BlueCat, 
infoblcx  and  Process  Software  either  declined  or  did 
not  respond  to  our  invitation. 


AT&T 

and 

1-800-FL0WERS.C0M 


Can  your 
network 
make  flowers 
grow? 


1-800-FL0WERS.C0M®  AND  AT&T.  When  l-800-FL0WERS.COM  wanted  to  transform  the 
nature  of  their  business,  they  cultivated  a  relationship  with  the  world’s  networking  company. 
With  world-class  web  hosting  and  ultra-available  continuity  services,  AT&T  helped 
l-800-FL0WERS.COM  become  the  local  florist  with  global  reach.  So  now  high-traffic  e-commerce 
is  as  easy  as  a  tiptoe  through  the  tulips.  These  custom  networking  solutions  have  even 
allowed  them  to  blossom  into  new  ventures  like  Plow  &  FHearth®  and  the  Popcorn  Factory.® 
Today,  with  15  million  customers,  1-800-FLOWERS.COM  is  the  leading  multi-channel  floral 
and  gift  retailer  in  town.  Not  to  mention  the  entire  country.  CAN  YOUR  NETWORK  DO  THIS? 

4 


To  find  out  how  AT&T’s  networking  solution* 
helped  1-800-FL0WERS.COM  transform  its  business,  rv  «'<x 

att.com/ffoE?!  r. 


©2005  AT&T 


AT&T 

The  world's  networking  company5 


c 


IP  address  management 


IP 

continued  from  page  46 

taining  both  SA-500-based  and  Windows- 
based  DNS  services.  In  addition,  we  found 
the  RFC-compliant  Meta  IP  VitalQIP  and 
DNSBox  units  interoperated  well  with 
each  other. 

Meta  IP’s  Secure  Address  Foundation  Ex¬ 
tensions  (SAFE)  DHCP  feature  was  partic¬ 
ularly  useful  for  clients  outside  a  private 
network  (for  example,  the  Internet)  that 
need  to  send  IP  address  requests  to  your 
DHCP  servers.  Your  company’s  mobile 
clients,  such  as  PDAs  and  notebooks,  are 
examples  of  devices  for  which  your  net¬ 
work  has  to  sometimes  play  the  role  of  ISP 

The  SAFE  feature  evaluates  client  media 
access  control  addresses  or  DHCP  Unique 
Client  IDs  to  distinguish  between  known, 
authorized  clients  and  other  clients.  For 
example,  if  a  stranger  asks  for  a  company’s 
IP  addresses,  Meta  IP  leases  to  it  an  IP 
address  from  a  separate  pool.  Depending 
on  how  you  set  up  the  pools  of  IP  ad¬ 
dresses,  SAFE  DHCP  can  help  control  or 
limit  access  to  portions  of  your  network. 

Meta  IP  also  uses  Perfigo’s  SecureSmart 
manager  to  identify  DHCP  clients  and 
runs  anti-virus  scans  to  verify  that  a  client’s 
configuration  conforms  to  corporate  stan¬ 
dards.  If  you  need  extra  security  Meta  IP 
can  use  an  Authenex  ASAS  Server  or  a 
Check  Point  UserAuthority  server  to 
authenticate  users  at  initial  network 
access  via  a  password. 

ApplianSys’  DNSBox  300  (master)  and 
DNSBox  100  (slave)  together  are  a  com¬ 
plete,  if  simple,  DNS/DHCP  environment 
more  appropriate  for  small  to  midsize 
companies.  Where  VitalQIP  and  Meta  IP 
are  software-only  or  a  combination  of  soft¬ 
ware/hardware,  the  DNSBoxes  are  pure 
plug-and-play  network  appliances. 

The  DNSBox  300  includes  a  Nixu  Name- 
Surfer  DNS  management  system,  while  the 


DNSBox  100  runs  a  BIND  V9  server  exe- 
cutable.The  DNSBox  300  supports  multiple 
DNS  views,  dynamic  DNS,  automatic  zone 
slaving,  secure  incremental  zone  transfers 
and  zone  and  host  templates.  It  integrated 
well  with  Microsoft’s  Active  Directory  repli¬ 
cated  data  to  a  warm-standby  second  DNS 
300  for  failover,  supported  IPv6  and  accu¬ 
rately  detected  duplicate  names  and  IP  ad¬ 
dresses.  The  DNSBox  100  contained  a  re¬ 


cursive  resolver  DNS  cache,  used  IPSec 
(with  public/private  keys  and  RSA  authenti¬ 
cation)  to  connect  to  other  DNS  servers, 
acted  as  a  DHCP  relay  issued  SNMP  alerts 
and  had  a  DNS  cache  query  tool  for 
troubleshooting  “stale  cache”  problems. 
Together  the  two  boxes  performed  zone 
transfers  and  updates  through  a  secure  VPN 
tunnel,  which  results  in  a  higher  level  of 
security  than  offered  by  BIND  9’s 
Transaction  Signature  facility  In  addition, 
the  appliances  have  a  built-in  firewall  to 
lower  your  company’s  exposure  to  hackers. 

Performance  and  scalability 

We  measured  performance  by  running 


custom  client  software  that  rapidly  requests 
50,000  dynamic  IP  addresses  and  noting 
the  elapsed  time  that  each  tool  took  to 
respond. We  ran  the  program  six  times,  one 
test  on  each  network  segment  in  our  lab 
(see  Chart  l).We  also  benchmarked  DNS 
activity  Our  test  software  issued  a  flood  of 
50,000  name-to-IP  address  resolution  re¬ 
quests,  and  obtained  responses  from  a  DNS 
server  (see  Chart  2,  below). 


Results  show  clearly  that  VitalQIP  was 
the  fastest  tool,  but  both  VitalQIP  and 
Meta  IP  have  the  capacity  and  speed  to 
handle  millions  of  IP  addresses  with 
ease.  We  feel  that  the  DNSBoxes  are  more 
appropriate  for  smaller  networks. 

Platform  support  might  be  a  major  factor 
in  what  you  buy  for  your  company’s  com¬ 
puting  environment.  VitalQIP  runs  on  Sun 
Solaris,  HP-UX,  ADC,  and  Win  2000  and  2003. 
Its  DNS/DHCP  server  component  also  is 
available  on  a  network  appliance.  Currently 
only  the  command-line  interface  is  avail¬ 
able  on  Red  Hat  Linux,  but  Lucent  says  the 
GUI  will  be  available  on  Linux  by  mid-2005. 
Meta  IP’s  server  components  run  on  Solaris, 
Red  Hat  Linux,  Debian,  SuSE  and  Windows 
NT,XP2000  and  2003.The  Meta  IP  manage¬ 
ment  console  runs  only  on  Windows. 

Ease  of  use 

VitalQIP  offers  an  easy-to-navigate  GUI 
client  for  Windows  and  Unix,  even  sporting 
a  prompt-based  interface  for  command¬ 
line  devotees.  The  Web  client  interface, 
which  includes  a  set  of  Common  Gateway 
Interface  scripts,  supplies  a  few  basic  ad¬ 
ministrative  functions  and  a  basic  system 
status  display  in  a  browser  window. You  will 
need  to  use  the  GUI  or  CL1  clients  for  most 
VitalQIP  tasks.  Documentation,  which  con¬ 
sists  of  three  books  and  sizable  online  help 
files,  was  clear  and  comprehensive. 

We  also  found  Meta  IP’s  native  Windows 
interface  intuitive  and  productive.  In  addi¬ 
tion  to  its  IP  address  organization  and 
assignment  modules,  Meta  IP  includes  con¬ 
figuration  analysis  tools  that  display  reports 
showing  DNS  services  and  zones,  as  well  as 
DHCP  lease  pool  data.  The  tools  include  a 


Tm  ApplianSys  browser-based  interface  is  simple  but  effective. 


Chart  1:  Speed  addressing 

Lucent  leased  IP  addresses  at  a 
furious  rate. 


IP  address  requests 

(leases/second’) 


I  VitalQIP 
I  Meta  IP 
DNSBox 


- 


44  seconds  58  seconds  65  seconds 


'  50,000  NAME  REQUESTS  DIVIDED  BY  ELAPSED  SECONDS  VALUE. 


Chart  2:  Quick  resolution 

Lucent  also  excelled  at  resolving 
DNS  requests. 

DNS  resolution  performance 


n 


VitalQIP 
Meta  IP 
DNSBox 


28  seconds  35  seconds  42  seconds 


*  50,000  NAME  REQUESTS  DIVIDED  BY  ELAPSED  SECONDS  VALUE. 


DNS  IP  troubleshooting  function,  DNS  zone 
configuration  display,  static  lease  compli¬ 
ance  analysis,  DHCP  discovery  report,  lease 
pool  usage  display  available  address  ping 
sweep,  lease  reclaimer  and  user  data  report. 
We  found  scheduling  and  customizing  the 
Meta  IP  reports  a  simple  and  straightfor¬ 
ward  process.  Metainfo  provided  excellent 
printed  and  online  documentation. 

In  contrast  to  VitalQIP  and  Meta  IP  the 
DNSBox  300  appliance  gives  you  browser- 
based  full  administrative  control  over  DNS 
and  DHCP  functions. When  we  installed  the 
appliances,  configuring  the  300  and  100’s 
own  IP  addresses  and  subnet  mask  was 
done  via  serial-port-based  telnet.  Option¬ 
ally  connecting  through  a  virtual  terminal 
revealed  detailed  appliance  behavior  in 
the  form  of  syslog  entries.The  DNSBox  Web 
interface  was  a  simple,  menu-driven  set  of 
HTML  and  Javascript  pages  to  configure 
the  servers,  get  a  summary  of  DNS/DHCP 
activity  change  the  password,  view  online 
help  and  perform  backup  and  restore  func- 
tions.The  printed  documentation  consisted 
of  some  “getting  started”  steps  and  a  rudi¬ 
mentary  usage  tutorial.  Almost  all  of  the 
adequate  (but  obviously  not  professionally 
written)  DNSBox  documentation  is  avail¬ 
able  only  in  HTML  The  DNSBox  300  Web 
interface  uses  SSL  and  passwords  for  secu¬ 
rity  It  supports  multiple  concurrent  admin¬ 
istrators  and  has  a  read-only  mode  so  non- 
administrative  users  can  view  DNS/DHCP 
activity,  although  we’re  at  a  loss  to  imagine 
why  anyone  would  use  this  feature. 

A  handy  delegation  feature  lets  a  super¬ 
visor  administrator  assign  responsibility 
for  particular  domains  and  subnets  to  dif¬ 
ferent  users. 

Nance  runs  Network  Testing  Labs  and  is 
the  author  of  Introduction  to  Networking, 
4th  Edition  and  Client/Server  LAN  Pro¬ 
gramming.  He  can  be  reached  at 
barryn  @erols.  com. 
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EtherScope  and  OptiView  -  Two  Portable  Network 
Analyzers  created  to  help  prove  it's  not  a  network 
problem.  Faster.  Quickly  proving  problems  are  not 
network  problems  is  exactly  what  our  portable 
analyzers  are  all  about.  Unlike  a  protocol  analyzer 
or  laptop  freeware,  they  give  you  the  complete  vision 


you  need  to  quickly  and  accurately  diagnose  problems 
For  example,  you  can  track  down  connectivity 
problems  and  incorrectly  configured  stations,  identify 
causes  of  network  slowdowns  (like  excessive  broad 
casts)  and  spot  bandwidth  hungry  applications. 

All  with  one  tool:  a  Fluke  Networks'  portable  analyzer. 
Simply  put,  they're  the  best  way  to  prove  it's  not  the 
network's  fault.  And  the  surest  way  to  start  getting 
little  more  respect  around  the  office. 


Prove  it  s  not  the  network  s  fault.  Faster. 


Visit  www.flukenetworks.com/PNA  to  see 
how  one  of  our  portable  analyzers  can  make 


'  is 


your  job  easier. 


c2005  Fluke  Corporation.  All 
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Automatic  server  provisioning;  Essential,  yet  lacking 


m  BY  ANDREAS  ANTONOPOULOS 

Next-generation  data  centers  are  sup¬ 
posed  to  be  hotbeds  of  automation  with 


on-demand  everything.  In  this  ideal, system 
administrators  are  almost  obsolete, and  the 
data  center  runs  “by  itself.” 

Operating  systems  are  composed  of 


thousands  of  components  with  tight  bind¬ 
ings  and  a  maze  of  interdependencies. 
These  components  may  have  a  different 
management  interface.  In  this  environ¬ 


ment,  it  is  difficult  to  create  an  automated 
provisioning  and  deployment  tool  that 
works  consistently 

Fortunately  all  operating  system  vendors 
have  identified  provisioning  as  a  key  opera¬ 
tional  headache  for  their  customers  and 
have  been  building  increasingly  sophisti¬ 
cated  tools  to  reduce  the  time  and  effort 
needed  to  deploy  a  server.  Also,  several  ven¬ 
dors  have  extended  the  basic  operating  sys¬ 
tem  tools,  turning  them  into  sophisticated 
provisioning  tools. 

There  are  two  general  approaches  to 
server  provisioning:  imaging  and  script¬ 
ing.  With  imaging,  a  server  or  an  applica¬ 
tion  component  backs  up  to  a  “gold” 
image,  which  can  be  reproduced  on  a  tar¬ 
get  server.  Because  the  image  is  restored 
in  one  go,  this  process  can  be  fast,  lasting 
only  a  few  minutes.  Scripting  deploys  the 
software  using  the  standard  installation 
process,  with  the  administrator’s  manual 
input  automatically  recorded  and  re¬ 
played  for  every  installation.  Because  this 
process  uses  the  generic  installation  pro¬ 
gram  designed  to  provide  myriad  configu¬ 
rations,  it  is  a  slower  process.The  resulting 
installation  may  require  additional  up¬ 
dates  and  patches.  Though  slower,  the 
scripting  method  provides  more  fine¬ 
grained  control  over  each  configuration. 

In  practice,  most  provisioning  systems 
combine  both  methods  into  a  hybrid 
approach. 

Yet  a  third  approach  is  to  extend  the  imag¬ 
ing  method  by  storing  a  gold  image  and 
“deltas”  for  each  desired  configuration.  The 
deltas  are  the  differences  between  the 
desired  build  and  the  base  image.  This 
approach  allows  administrators  to  have 
hundreds  of  virtual  images  without  having 
to  store  hundreds  of  large  baselines. 

The  greatest  remaining  hurdle  is  that  pro¬ 
visioning  systems  are  neither  comprehen¬ 
sive  nor  interoperable.  This  leaves  adminis¬ 
trators  in  the  position  of  using  multiple  sys¬ 
tems  that  don’t  talk  to  each  other.  The 
DCML  and  OGSA  standards  are  solutions  to 
the  interoperability  problem,  but  vendors 
have  been  slow  to  adopt  them. 

Automatic  provisioning  has  a  long  way  to 
go  to  reach  the  operator-less  data  center. 
Products  such  as  Microsoft’s  Provisioning 
System,  Automatic  Deployment  Services 
and  Sysprep,  Veritas’  OpForce,  IBM’s  Think- 
Dynamics,  Sun’s  CenterRun.HPs  Novadigm 
and  Levanta  for  Linux  all  point  to  a  more 
automated  and  efficient  data  center. 

Antonopoulos  is  principal  research  ana¬ 
lyst  at  Nemertes  Research.  He  can  be 
reached  at:andreas@nemertes.com. 
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Vendor  vetting 

When  it  comes  to  choosing  network  products,  customer  references  can  be  an  information  gold  mine. 


■  BY  JOHN  COX 

Some  network  executives  either  overlook  or 
don’t  make  the  most  of  a  key  resource  in  eval¬ 
uating  IT  products  and  services:  the  customers 
that  are  already  using  them. 

Schon  Crouse,  PC  support  analyst  with  Children’s  Hospital  in 
Columbus,  Ohio,  knows  exactly  how  valuable  vendor  reference 
checking  can  be.  He’s  currently  evaluating  two  software  ven¬ 
dors,  PDADefense  and  Extended  Systems,  for  client/server  secu¬ 
rity  software  that  will  be  loaded  on  to  handheld  devices,  includ¬ 
ing  smartphones,  used  by  hospital  staff.  The  Health  Insurance 
Portability  and  Accountability  Act  regulations  mandate  that  the 
devices  lock  down  the  instant  they’re  shut  off,  which  requires 
the  user  to  key  in  a  password  to  turn  them  on  again. 

Crouse  was  quizzing  an  Extended  Systems  customer  who 
stunned  him  with  an  issue  that  had  never  been  voiced.“The  cus¬ 
tomer  told  me  this:  ‘When  the  smartphone  locks,  does  it  let  me 
answer  an  incoming  call  automatically  or  do  I  have  to  key  in  the 
password?”’ he  recalls  “I  never  even  thought  of  that.  He  said  that 
was  one  of  their  biggest  issues.” 

He  says  the  answer  was  that  Extended  Systems  lets  you  receive 
calls  without  entering  the  password,  but  to  make  calls  you  have 
to  unlock  the  smartphone.  PDADefense  requires  users  to  key  in 
the  password  before  doing  either. 

While  customer  references  are  routinely  requested  from  ven¬ 
dors  bidding  on  a  project,  using  them  effectively  requires  plan¬ 
ning,  shrewdness  and  perseverance. 

“In  my  experience,  the  mind-set  of  customers  often  is  that  ref¬ 
erence-checking  is  the  last  thing  you  do  before  you  sign  on  the 
dotted  line,"  says  Kendall  Messick,  a  senior  consultant  with 
International  Computer  Negotiations,  which  specializes  in  train¬ 
ing  clients  to  hammer  more  advantageous  and  less  risky  deals 
with  IT  vendors. 

Reference  checking  is  like  mining:  knowing  where  and  what 
to  look  for,  being  sensitive  to  the  lay  of  the  land,  and  using  the 
right  tools.  Questions  cover  product  details  but  also  how  reli¬ 
able  the  vendor  is  with  delivery  customer  service  metrics,  and 
even  the  experience  and  performance  of  people  on  the  ven¬ 
dor’s  account  team. 

Vendors  only  will  give  the  names  of  customers  they  are  certain 
will  give  a  positive  endorsement,  Messick  says. “But,  that  said,  if 
the  reference  check  occurs  at  the  right  time  [in  the  procure¬ 
ment  process]  and  is  done  by  the  right  person  who  knows  what 
they’re  doing,  they  can  get  a  lot  of  information,”  he  adds. 

Ask  for  former  customers  as  references,  advises  Sam  Barton, 
contracts  manager  for  Toyota  Motor  Sales  USA.  “In  many 
instances,  we’ve  asked  them  to  give  us  one  or  two  former  cus¬ 
tomers  who  have  stopped  the  service  [or  product]  for  whatev¬ 
er  reasons,  pleasant  or  unpleasant,”  he  says. 

In  large  companies,  purchasing  decisions  typically  are  quar¬ 
terbacked  by  a  group  of  procurement  professionals.  At  Toyota 


Motor  Sales,  the  IT  group  coordinates  IT  purchases.  In  either 
case,  an  interdisciplinary  team,  including  IT  staff,  shepherds  the 
process  from  initial  requirements  to  contract  signing. 

“Our  IT  department  is  shoulder  to  shoulder  with  our  supply- 
chain  department  on  all  these  deals,” says  Jeff  Rolsten,  executive 
director  of  supply-chain  services  for  BellSouth  in  Atlanta.“I  can 
only  get  so  far  with  technology  and  then  I  need  someone  who 
really  knows  that  stuff.” 

Consistency  is  key 

That  kind  of  cooperation  is  especially  important  in  drafting 
the  right  set  of  questions,  and  then  asking  the  same  questions  of 
each  customer  reference.  “With  the  same  questions  and  the 
same  phrasing,  you  can  get  consistent  responses,”  Messick  says. 
“You  want  comparable  information.” 

BellSouth  routinely  quizzes  customer  references  for  up  to  30 
minutes  with  questions  that  focus  on  several  key  areas:  problem 
solving,  communications,  customer  focus  and  price/cost. 
Although  asking  references  what  they  paid  for  a  product  is  ver- 
boten,  Rolsten  says  they  can  find  out  if  the  vendor  shows  initia¬ 
tive  in  helping  to  hold  down  costs,  pass  along  savings  and  work 
with  customers  on  such  matters. 

Rolsten  recommends  using  two  people  on  these  calls:  a  ques¬ 
tioner  and  a  note  taker.  The  questions  vary  depending  on  what 
the  product  or  service  is.  “With  as  many  systems  as  we  have,  a 
typical  request  is  ‘Can  you  ask  them  how  it  interfaces  with 
Company  X’s  software?’”  Rolsten  says. “Or, ‘How  does  it  run  on 
one  platform  compared  to  another  platform?”’ 

Children’s  Hospital’s  Crouse  asked  his  customer  references  for 
the  handheld  security  software  how  easy  it  is  to  install  the  soft¬ 
ware  on  their  computers,  how  easy  it  is  to  update  or  patch,  and 
then  after  the  update,  what  additional  work,  if  any,  needs  to  be 
done  on  the  client  device. 

Toyota’s  Barton  starts  out  with  high-level  questions,  looks  to 
establish  rapport  with  the  reference  and  then  works  down  to 
greater  levels  of  detail.“We  might  start  by  asking  ‘What  did  you 
bring  this  vendor  in  to  do?”’  he  says.  “Then, ‘Was  this  a  deliver- 
ables-based  project  or  time-and-materials?’  ‘Did  they  deliver  on 
time?  Were  you  satisfied?’You  start  drilling  down  into  the  things 
that  you  want  this  same  vendor  to  do  for  you.” 

He  adds  that  his  company  prefers  to  speak  to  the  people  who 
are  implementing  the  product  and  working  with  it  on  a  day-to- 
day  basis  as  opposed  to  management. 

Finding  the  right  people  makes  it  easier  to  establish  rapport 
and  therefore  easier  to  get  to  a  conversation  that’s  respectfully 
frank.“We  might  want  a  vendor  to  meet  service-level  agreements 
(SLA)  and  then  meet  remedies  if  they  don’t,”  Barton  says.“So  we 
might  ask  a  reference, ‘Do  you  have  SLAs?  Did  you  ever  have  to 
invoke  a  remedy?’They  might  reply ‘Yeah,  once  or  twice.’You  get 
to  see  where  there  might  have  been  hiccups.” 

Those  hiccups  don’t  mean  you  disqualify  the  vendor.  But  they 
become  part  of  the  final  negotiations,  so  you  can  mitigate  risks. 
If  the  vendor  has  been  late  with  deliveries  or  consistently 
missed  one  part  of  an  SLA,  the  contract  negotiations  can  focus 
on  providing  additional  protections  for  your  company.  ■ 


Asking  the  right  questions 

Quizzing  customer  references 
provides  insight  about  their 
experiences  with  a  particular 
vendor's  product.  To  do  the  job 
well,  formulate  queries  that: 

•  Are  consistent. 

•  Cover  the  specifics  of  the  product 
or  service  you're  evaluating. 

•  Explore  support,  SLA  and  rela¬ 
tionship  issues. 

•  Seek  examples  that  illustrate  the 
reference's  comments  and  claims. 

A  sampling  of  queries: 

•  What  prompted  your  decision  to 
select  [vendor  name]?  Did  you 
evaluate  and  consider  competitive 
options  at  the  time?  If  so,  which 
options? 

•  Please  provide  a  brief  synopsis  of 
your  implementation  with  [vendor 
name]  from  both  a  functional  and 
a  technical  perspective,  (i.e.  oper¬ 
ations  system[s]?  platform[s]? 
technologies  used?  transaction 
volumes,  etc.) 

•  Did  the  product  meet  your  expec¬ 
tations  for  functionality  and  relia¬ 
bility? 

•  What  has  been  the  biggest  chal¬ 
lenge  you  have  faced  working  with 
[vendor  name]? 

•  Has  [vendor  name]  consistently 
met  the  SLAs  set  forth  in  your 
contract?  If  not,  what  has  caused 
the  deficiency?  What  steps  has  the 
vendor  taken  to  improve  perfor¬ 
mance? 

•  In  reflecting  on  your  experience 
working  with  [vendor  name],  wha.v 
would  you  have  done  differently  or 
what  would  you  change9 

•  You  have  communicated  !  at  you 
highly  recommend  [vendiv  name]. 
Could  you  give  me  a  tew  examples 
or  share  a  couple  of  .-.lories  to 
help  me  understand  why  you  feel 
the  way  you  do? 


r 


Raritan's  Dominion®  SX  is  here  and  you  won't  believe  the  impact 
it  has  on  your  incident  response,  problem  diagnosis  and  repair 
times.  With  so  many  more  features  than  the  competition,  your 
only  question  will  be  what  to  do  with  your  existing  serial  console 
servers.  We  have  some  ideas.  Come  to  our  site.  Tell  us  which 
weapon  to  use.  Sit  back  and  watch  the  fun. 


Raritan 


When  you're  ready  to  take  control. 
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The  Next-Generation  IT  Infrastructure 

Cyclades  AlterPath™  System  is  the  industry's  most  comprehensive  Out-of-Band 
Infrastructure  (OOBI)  system.  The  AlterPath  System  allows  remote  data  center 
administration,  eliminating  the  need  for  most  time-consuming,  remedial  site 
visits.  When  fully  deployed  in  your  data  center,  Cyclades  AlterPath  System  lowers 
the  risks  associated  with  outages,  improves  productivity  and  operational 
efficiency,  and  cuts  costs. 

Each  component  of  the  AlterPath  System  is  designed  to  seamlessly  integrate 
into  the  enterprise,  able  to  scale  in  any  direction.  Whether  you  need  serial 
console  management  of  networking  equipment,  KVM  for  access  to  Windows1' 
servers,  branch  management,  IPMI  or  HP  iLO  for  service  processor 
management,  or  advanced  power  management,  the  AlterPath  System  delivers. 
Cyclades  brings  it  all  together,  making  OOBI  administration  seem  like  child’s  play. 


Over  85%  of  Fortune  100 
choose  Cyclades. 

www.cyclades.com/nw 

1 .888.cyclades  •  saies@cyclades.com 
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ASSET  MANAGEMENT 
IN  MINUTES, 

NOT  DAYS. 


NETSUPPORT 
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The  problem  with  traditional  Asset  Management  solutions,  is  that  while  claiming  to  offer  accelerated 
levels  of  ROI  once  installed,  they  often  overlook  the  cost  of  implementation  in  the  first  place. 

Hours  turn  in  days,  days  into  weeks  and  weeks  into  months.  Before  long,  the  implementation  cost 
exceeds  the  initial  purchase  price  and  that's  before  you  consider  the  on-going  support. 

But  there  is  an  alternative.  One  which  offers  all  the  functionality  you'd  expect  from  an  award 
winning  asset  management  suite  but  with  only  a  30  minute  implementation  path. 

NetSupport  DNA  combines  powerful  powerful  Hardware  &  Software  Inventory  with  Software 
Distribution,  unique  Application  &  Internet  Metering,  best  of  breed  PC  Remote  Control,  Enterprise 
Reporting  and  an  optional  web  based  Helpdesk. 

Think  about  it,  but  not  for  long  as  the  clock's  ticking  -  in  30  minutes,  you  could  be  gathering  vital 
asset  information  and  enterprise  reports  for  the  whole  of  your  network  (and  also  those  users  not 
connected  to  it). 

Visit  www.netsupport-inc.com  and  download  a  full  trial  license  today. 
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Ne»f  Support 

www.  n@tsupport-inc.com 
Sales;  1-888-665-0808 
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UltraMatrix™ 

Remote 


KVM  OVER  IP 
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MATRIX  KVM  SWITCH  WITH 
INTEGRATED  REMOTE  ACCESS  OVER  IP 


System-wide  connectivity  locally  or  over  IP  from  any  location 
worldwide 

Connects  i,000  computers  to  up  to  256  user  stations 
Supports  PC,  Sun,  Apple,  USB,  UNIX, 
and  serial  devices 

High  quality  video  up  to  1280  x  1024 

Secure  encrypted  operation  with  login  and  computer  access  control 

Scaling,  scrolling,  and  auto-size  features 

View  realrtime  4  computer  connections  using  the  quad-screen 

mode 


UltraMatrix™ 

E-series 

KVM  SWITCH 


PROFESSIONAL  MULTI-USER  KVM  SWITCH 
2  -  4  KVM  STATIONS  TO  1,000s  OF  COMPUTERS 


PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others) 

On-screen  menu  informs  you  of  connection  status 

between  units  in  an  expanded  system 

Powerful,  expandable,  low  cost 

No  need  to  power  down  most  servers  to  install 

Security  features  prevent  unauthorized  access 

Free  lifetime  upgrade  of  firmware 

Video  resolution  up  to  1600  x  1280 

Available  in  several  models 

Easy  to  expand 


The  UltraMatrix  Remote  represents  the  next  generation  in  KVM  switches.  It  not  only 
provides  a  comprehensive  solution  for  remote  server  console  access,  this  access  can 
be  local  or  from  any  workstation  on  your  network  over  IP. 


■  KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 

The  RackView  offers  the  latest,  most  efficient  way  to  organize  and 
streamline  your  server  rooms  and  multiple  computers.  The 
RackView  is  a  rack  mountable  KVM  drawer  neatly  fitted  in  a 
compact  pull-out  drawer.  This  easy-glide  KVM  drawer  contains  a 
high-resolution  T FT/LCD  monitor,  a  tactile  keyboard,  and  a  high- 
resolution  touchpad  or  optical  mouse. 


The  UltraMatrix  E-Series  represents  the  latest  in  KVM  matrix  switch  technolog,  at 
an  affordable  price.  The  E-Series  allows  you  to  connect  up  to  256  users  to  as 
many  as  1,000  computers.  The  UltraMatrix  E-Series  is  available  in  several  sizes: 
2x4,  2x8,  2x16,  4x4,  4x8,  4x16,  1x8,  and  1x16  and  either  PC  or  multi-  platform. 


RackView 

Fold-Forward 


RackView 

Fold-Back 


RackView 
LCD  Monitor 


RackView 

Keyboard 


HOSE  US  4281  933  7673 

ROSE  EUROPE  +44  (0)  1 264  850574 
HOSE  Asia  +65  6324  2322 
ROSE  Australia  +617  3388  1540 


800-333-9343 

WWW.ROSE.COM 
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Choose  a  network  analyzer  that  puts  you  in  the  driver's  sea 
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OBSERVER 


How  much  does  your  network  analyzer  see? 

Observer  is  the  only  fully  distributed  network  analyzer  built 
to  monitor  the  entire  network  (LAN,  802.1 1  a/b/g.  Gigabit, 
WAN).  Download  your  free  Observer  10  evaluation  today 
and  see  how  Observer  puts  you  in  the  driver's  seat  with  more 
real-time  statistics,  more  in-depth  analysis  and  more  network 
advantages  than  ever  before. Choose  Observer. 

-CRPRC  i  tv  PLRRR I  no-  Determine  how  much  bandwidth 
your  router  will  need  based  on  historical  usage  patterns  with 
Network  Trending. 

-FORES  1 6HT-  Predict  how  network  changes  will  affect 
your  response  times  with  "What-lf 1  Modeling  Analysis. 

-no  S  i  goal  -  Find  rogue  access  points,  monitor  access 
point  load  and  scan  wireless  channels  continuously  with  over 
50  WLAN  Expert  Conditions. 

US  &  Canada  toll  free  800.526.5958 

fax  952.932.9545 

UK  &  Europe  +44(0)1959569880 

www.networkinstruments.com/analyze 


How  Do  You 
Securely  Reboot 

via  IP? 


Sentry  Gives  You  Secure  Web/I  P  Based  Remote  Site  Management 


"NEW!"  Secure  Shell  (SSHv2)  Encryption 
"NEW!"  SSLv3  Secure  Web  Browser 
"NEW!"  Active  Directory  with  LDAP 
SNMP  MIB  &  Traps 
Integrated  Secure  Modem 
True  RMS  Power  Monitoring 
Outlet  Receptacle  Grouping  for  Dual-Power  Servers 
Fail-Safe  Transfer  Switch  for  Single-Power  Supply  Servers 
Power-up  Sequencing  Prevents  Power  In-rush  Overload 
Temperature  &  Humidity  Environmental  Monitoring 
Zero  1)  &  Rack-mount  Models 
1 1 0/208  VAC  Models  with  30-Amp  Power  Distribution 
NEBS  Approved  -48  VDC  Models  Available 


Server  Technology 


Solutions  for  the  Data  Center  Equipment  Cabinet 


When  servers  and  network  devices 
in  the  data  center  lock-up,  network 
managers  need  fast,  secure  and 
reliable  tools  to  respond.  With 

Sentry™  Remote  Site  Managers, 

. 

an  administrator  can  immediately  f 

reboot  a  remote  system  with  just 
a  few  mouse  clicks.  Sentry  also 
provides  accurate  input  current 
power  monitoring,  environmental  ? 

monitoring  and  integrated  secure 
console  management  using  SSH.  ' 


Server  Techi  ology,lnc, 


Server  Technology,  Inc.  toll  free  +t,B0[l'|5S45iS  , 

1040  Sandhill  Drive  tel  ++77+2S4.200Q 

Reno,  NV  89521  .  / 

USA  V 

,  www.servertecb.com 

sales@servertech.com 

.  +^.v.y. . 

©Server  Technology  lm:.>ntry  is'cj  Mdemark  at  Server  TectmologyJnc;  •• 


^ ,  .  TAP  into  Performance 

ftV *■  WOFKTAPs©  Monitor  mission-critical  links  with  the 

latest  technology  through  new  nTAPs 

Stop  jeopardizing  network  performance  and  risking  costly  downtime.  Be  confident  you 
have  maximum  visibility  into  your  full-duplex  links  by  configuring  an  nTAP  solution  that 
fits  your  network  and  budget.Visitwww.networkTAPs.com/visibilitytoday. 


Ethernet  Copper  nTAP 

For  copper-to-copper  connections 
Choose  your  speed: 

|  10/100 . . . $395 

f  10/100/1000 . . . $995 


^  1 0/1 00/1 000  Conversion  nTAP 

•/  'Copper  input  with  copper  or 
fiber  output  otions 
Choose  your  analysis  output: 

SX . $1,995 

LX . $1,995 
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Optical  Fiber  nTAP 

Multiple  split  ratios 

Choose  your  port  density: 

Single  channel . 

$395 

Four  channel . 

$1,795 

Six  channel . 

$2,395  j 

_ a 

To  learn  more  about  how  nTAPs  can  boost  your  network  visibility  and  which  configuration  option 
is  best  for  you,  go  to  www.networkTAPs.com/visibility  or  call  866-GET-nTAP  today. 

Free  overnight  delivery* 
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‘Free  overnight  delivery  on  all  U.S.  orders  over  $300.00  confirmed  before  12  pm  CST. 

nTAP  and  the  nTAP  logo  are  trademarks  or  registered  trademarks  of  Network  instruments,  UC 


a-  TAP 


Instantly  Search 
Gigabytes  of  Text 
Across  a  PC,  Network,  Intranet  or  Internet 


Publish  Large  Document  Collections  to  the  Web  or  to  CD/DVD 

♦over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 
♦highlights  hits  in  HTML,  XML,  &  PDF  while  displaying  embedded  links,  formatting 

♦converts  other  file  types  (word  processor,  database,  spreadsheet,  email,  ZIP,  Unicode,  etc.) 
to  HTML  for  display  with  highlighted  hits 


“The  most  powerful  document  search 
tool  on  the  market”  -Wired  Magazine 

“Intuitive  and  austere ...  a  superb 
search  tool”  -PC  World 

“Blindingly  fast”  -Computer  Forensics: 
Incident  Response  Essentials 

“A  powerful  arsenal  of  search  tools” 
-The  New  York  Times 

dtSearch  “covers  all  data  sources ... 
powerful  Web-based  engines”  -eWEEK 


“Searches  at  blazing  speeds” 
-Computer  Reseller  News  Test  Center 

In  the  past  two  years,  over  half  of  the 
Fortune  15  purchased  dtSearch 
developer  or  network  licenses. 


See  www.dtsearch.com  for: 

♦  hundreds  of  developer  case  studies  &  reviews 

♦  fully-functional  evaluations 

1-800-IT-FINDS 
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Industrial-strength 


-PC  Magazine 


superb"-*  W®"* 


superb 


Industrial-strength 


-fCMaoaztn* 


superb 


♦  tor  Win  &  .NET 
♦  for  Li  nun 

♦  call  r  pricing 


PUBLISH 

for  CD /DVDs 


,  ..idustriaLstrength. 

|  superfa'-rc  Magadi. 

♦  from  $2,500 


NETWORK 

i  t  Li  S|i  i 
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superb"-*  Maqaape 


♦  from  $80® 


sales@dtsearch.com  The  Smart  Choice  lor  Text  Retrieval*  since  1991 
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Metrobility  makes  it  easy  to  deploy 
optical  Ethernet  services  across  the 
campus,  across  town,  and  across  the 
Internet.  With  support  for  multimode, 
singlemode,  and  wavelength  multiplexing 
even  the  most  demanding  requirements 
can  be  met. 


Find  out  how  Metrobility  can  help  you 
extend  your  LAN  and  maximize  your 
infrastructure  with  optical  Ethernet. 


www.metrobility.com  ph:  1.603.880.1833  toll-free  1.800.952.6227 


METRobility 

optical  systems' 


Extending  the  Enterprise  LAN 
with  Metro  Ethernet  Services 


The  E-Services  NID 

Intelligent,  secure  demarcation 
for  Ethernet  in  the  First  Mile 


Multi-level  standards-based  management 
and  enhanced  diagnostic  capabilities  mean 
staff  training  will  be  minimized  and 
network  reliability  and  performance  are 
improved. 
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Tel:  408.727.1122 
Fax:  408.727.8002 
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Server  Rack 
Cabinets  and  More 

'  ■  ••  ..  .  - .  iESftS.  .  .  --a'.*'.  ■  •■■■.,  . 


Small  iow-proflle  server  rack  cabinets  are  just  one  of  over 
2,000  items  on  the  ISC  website.  Browse  the  on-line  catalog 
and  choose  from  a  wide  array  of  computer  related  product 
solutions  for  today's  workplace.  Order  on-line  or  call  for 
assistance  from  one  of  our  knowledgeable  account  managers. 


Visit  www.iscdfw.com  or  call  1-800-458-6255  for  more  information. 


Solutions  for  IT  -  Network  -  Telecom  Professionals. 

©  2004  Information  Support  Concepts  Inc.  all  rights  reserved 


Site  Administrator 

Provide  first-line/Help  Desk  support 
to  end-users;  procure,  set  up  and 
configure  equipment  for  all  employ¬ 
ees  at  location  and  remote  loca¬ 
tions  in  North  America.  Must  have 
bachelor’s  degree  or  equivalent  in 
computer  science  or  related  field 
plus  3  years  exp.  in  job  offered  or  in 
a  related  position  such  as  Network  ; 
Engineer.  Send  resume  with  salary 
history  and  requirements  to  Open 
Text  Corporation,  c/o  HR  Dept.,  700 
King  Farm  Blvd.,  Suite  400, 

Rockville,  MD  20850.  Response 
must  reference  code:  SIS04. 
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Network  World  Events  and  Executive 
Forums  produces  educational  events  and 
executive  forums  worldwide,  including  our 
one  day  Technology  Tours,  customized  on¬ 
site  training,  and  executive  forums  such  as  DEMO®.  DEMOmobile®,  and 
VORTEX,  as  well  as  the  DEMOIetter  and  VORTEX  Digest  newsletters.  For 
complete  information  on  our  current  seminar  offerings,  call  us  at  800-643- 
4668  or  go  to  www.networkworld.com/events. 
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Network  world  by  ordering  reprints  of 
your  editorial  mentions.  Reprints 
make  great  marketing  materials  and 
are  available  in  quantities  of  500  and 
up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399- 


1900  x128  or  E-mail:  networkworld@reprmtbuyer.com. 
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Network  World  is  a  publication  of  IDG,  the  world's  largest 
publisher  of  computer-related  information  and  the  leading 
global  provider  of  information  services  on  information  tech¬ 
nology.  IDG  publishes  over  275  computer  publications  in  75 
countries.  Ninety  million  people  read  one  or  more  IDG  publi¬ 
cations  each  month.  Network  World  contributes  to  the  IDG 
News  Service,  offering  the  latest  on  domestic  and  interna¬ 
tional  computer  news. 
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"We  simply  aren't  interested  in  having 
to  worry  about  potential  legal  risks  of 
deploying  Red  Hat  Linux.  Knowing  the 
way  that  Microsoft  stands  behind  its 
products  with  IP  indemnification,  it's  one 
less  thing  that  I  have  to  worry  about." 

— Jamey  Anderson 
Technology  Services  Manager 
ADC  Telecommunications 


When  ADC  Telecommunications,  a  global  supplier  of  network  infrastructure 
equipment  and  services,  wanted  to  upgrade  its  Microsoft®  Windows®  client 
operating  systems,  they  also  evaluated  Red  Hat  Linux  9.  Their  analysis  of  the 
licensing,  training,  and  support  costs  of  both  estimated  that  the  Microsoft 
solution  would  cost  $1.7  million  less.*  But  those  weren't  the  only  costs  that  led 
them  to  choose  Microsoft.  "With  the  Linux  lawsuits  happening,  it's  something 
I  pay  a  lot  more  attention  to,"  says  Jamey  Anderson  of  ADC.  "The  level  to  which 
Microsoft  stands  behind  its  software  with  IP  indemnification  is  a  big  deal  to  us. 
We  can  be  guaranteed  that  Microsoft  will  back  us  with  no  financial  cap — no 
matter  how  big  a  lawsuit  may  become."  For  details  about  Microsoft's  indemnity, 
visit  microsoft.com/indemnification 

To  see  the  complete  ADC  case  study  and  for  other  third-party  findings, 
visit  microsoft.com/getthefacts 


'ki:C  estimated  price  savings  based  on  U.S.  dollars  for  5,500  client  computers  using  cost  figures  available  in  early  2004.  Various  factors  may  affect  actual  savings. 

c  .'CCS  M'crosoft  Corporation.  All  rights  reserved.  Microsoft,  Windows,  the  Windows  logo,  and  Windows  Server  System  are  either  registered  trademarks  or  trademarks  of 
Vi  soft  Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  trademarks  of  their  respective  owners. 
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revenue  fell  6.3%  from  2003  to  2004. 

At  its  StorageWorks  user  conference  in 
Las  Vegas,  HP  is  expected  to  roll  out: 

•  Three  new  models  of  its  midrange 
Enterprise  Virtual  Array  (EVA)  —  the 
EVA40000.6000  and  8000  external  disk  stor¬ 
age  systems. 

•  A  series  of  appliances  that  speed  data 
access  and  file  sharing  between  remote 
offices  and  the  data  center. 

•  A  clustered  gateway  product  for  consol¬ 
idating  file  services  in  remote  offices  back 
into  the  data  center. 

•  A  virtual  tape  library  for  open  systems 
—  Windows,  Unix  and  Linux  —  environ¬ 
ments  that  lets  IT  use  disk  to  emulate  tape 
backup. 

The  launch  of  the  new  EVAs,  the 
StorageWorks  Enterprise  File  Services 
(EFS)  and  the  virtual  tape  library  will 
make  for  a  much  more  comprehensive 
storage  portfolio. 

The  refresh  of  HP’s  EVA  products  has 
been  much  anticipated.lt  will  fill  out  HP’s 
family  of  midsize  enterprise  storage 
arrays  and  offer  midsize  companies  a 
scalable  choice  for  storage.  While  HP  de¬ 


clined  to  comment  on  the  new  EVAs  or 
any  of  the  other  products  it  will 
announce,  documents  downloaded  from 
HP’s  Web  site  detail  the  capabilities. 

“HP  is  making  a  comeback  in  storage,” 
says  Arun  Taneja,  founder  and  senior 
analyst  for  Taneja  Group.  “These 
announcements  bring  HP  a  heck  of  a  lot 
closer  to  competing  with  EMC  and 
Network  Appliance.” 

According  to  IDC,  in  2004  EMC  took  the 
No.  1  position  away  from  HP  for  external 
disk  storage  systems.  EMC  showed  a  2 1 . 1  % 
revenue  share,  followed  by  HP  with  18.7%. 

The  EVA4000  has  a  maximum  capacity  of 
16.8T  bytes;  the  EVA6000  scales  to  33.6T 
bytes;  and  the  EVA8000  has  a  maximum 
capacity  of  72T  bytes  using  240  drives, 
twice  the  capacity  of  HP’s  previous  Stor¬ 
ageWorks  EVA5000.The  EVA8000  supports 
connections  to  as  many  as  256  servers. 

In  addition,  the  EVA8000  is  more  than 
twice  as  fast  as  the  EVA6000.The  storage 
arrays  can  intermix  fast  Fibre  Channel 
and  less-expensive  and  lower-cost  Fibre 
Channel  drives. 

All  boxes  now  support  industry-stan¬ 
dard  multi-path  I/O  for  Windows,  Solaris, 
AIX,  NetWare  and  Linux  rather  than  HP’s 
proprietary  SecurePath  technology  Multi¬ 


path  I/O  is  the  ability  to  use  more  than 
one  physical  path  to  access  the  storage 
device,  providing  fault  tolerance  and 
load-balancing  of  storage  traffic. 

HP’s  new  product  barrage  also  will 
focus  on  hot  topics  such  as  clustered  file 
systems,  wide-area  file  services  (WAFS) 
for  branch-office  consolidation  and  the 
acceleration  of  chatty  file  services  proto¬ 
cols  across  the  WAN.  WAFS  systems  con¬ 
verge  remote-office  and  data  center  stor¬ 
age  and  reduce  the  latency  of  file  sharing 
imposed  by  WAN  connections. 

By  compressing  data  and  using  other 
techniques,  WAFS  makes  response  times 
LAN-like. 

To  provide  WAFS  to  branch  offices,  many 
of  which  are  without  IT  expertise,  HP  is 
using  WAN  Accelerator  technology  from 
Riverbed.  The  HP  EFS  WAN  Accelerators 
join  a  market  being  targeted  by  Cisco  (with 
its  acquisition  of  Actona)  and  Brocade  (in 
a  partnership  with  Tacit  Networks). 

Ronald  Godine,  manager  of  information 
systems  operations  for  Royal  Appliance  in 
Glenwillow,Ohio,is  looking  at  WAFS  prod¬ 
ucts  for  its  China  operation. 

Iin  the  past,  we’ve  flown  CDs  to  our  China 
office  and  FTP’d  information,  but  we  need 
real-time  access  to  the  data,”  he  says. 


The  EFS  WAN  Accelerators  are  HP  Pro¬ 
Liant  server-based  and  could  reduce 
WAN  traffic  by  60%  to  95%, according  to  a 
document  downloaded  from  HP’s  site. 

“While  over  a  LAN  you  have  immediate 
performance,  across  a  WAN  you  will 
notice  huge  differences  in  performance,” 
Godine  says.  “WAFS  has  the  potential  to 
reduce  that.” 

In  an  agreement  with  file-sharing  cluster 
vendor  PolyServe,  HP  is  also  launching  the 
StorageWorks  EFS  Clustered  Gateway  The 
gateway  allows  for  as  many  as  16  nodes 
—  ProLiant  servers  —  in  a  single  cluster 
and  supports  a  common  file  system  of  as 
large  as  16T  bytes.The  EFS  Gateways  sup¬ 
port  Unix/Linux  Network  File  System  files 
and  use  SuSE  Linux  Enterprise  Server. 
Because  the  cluster  is  symmetrical,  any 
node  can  back  up  others  in  the  cluster, 
thus  providing  data  protection. 

Finally,  the  StorageWorks  virtual  tape  im¬ 
plementation  also  fills  a  gap  in  the  com¬ 
pany’s  storage  systems  strategy.  Virtual 
tape,  which  has  become  a  popular  tech¬ 
nology  since  the  introduction  of  EMC’s 
Clariion  Disk  Library  and  Network 
Appliance’s  acquisition  of  Alacritus,  is  a 
capability  every  storage  vendor  is  getting 
into  in  some  way.  ■ 
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Printed  on  white  vinyl  the  size  of  a  drink 
coaster,  the  pitch  read:  ‘‘This  probably 
isn't  the  best  place  to  sell  you  penis 
enlargement.  Neither  is  your  e-mail.  We 


take  care  of  that."  We  in  this  case  would 
be  the  folks  at  MailFrontier. 

Another  educational  session  attempted 
to  answer  the  question:  “WiMAX:The 
Next  BigThing?”  On  the  panel  were  rep¬ 
resentatives  from  six  vendors  —  Intel, 
Qualcomm,  Sprint,  3Com,  AirTight 


Networks  and  Alvarion  —  all  of  which 
have  some  stake  in  the  matter. To  say 
they're  bullish  might  be  the  safest  bet  in 
Vegas. 

The  group's  rough  consensus?  Fixed 
WiMAX  will  be  a  slam-dunk  in  broad¬ 
band-poor  locales  and  for  certain  urban 


if.-. 


When  it  comes  to  building  networks  that  integrate 
rapidly  converging  technologies,  no  other  event 
showcases  the  full  spectrum  of  broadband, 
wireless,  IP  and  the  entire  public/private  network 
infrastructure  better  than  SUPERCOMM. 

From  VoIP  and  VPNs  to  WLANs  and  SANs,  smart 
enterprise  network  architects  can  view  it  all 
here.  Virtually  every  major  player  launches  their 
most  exciting  technologies  at  SUPERCOMM.  So 
you  can  see  everything  you  need  to  design  a 
network  that  delivers  it  all:  Robust  Connectivity. 
Increased  Productivity.  Lower  TCO.  Stronger  ROI. 


You  can  also  network  with  IT  decision-makers 
from  the  world's  largest  corporations,  government 
agencies  and  educational  institutions  st 
EntNet@SUPERCOMM,  a  FREE  two-day  conference. 
Or,  attend  paid  enterprise  programs  including 
pulver.com's  SIP  Summit  and  ECC@SUPERCOMM. 
Everywhere  you  go,  you'll  be  surrounded  with 
solutions.  That's  why  SUPERCOMM  is  your  total 
opportunity  for  success  -  and  a  can't  miss  event. 

Act  now  -  visit  www.supercomm2005.com  today 
to  register  free  and  save  $150. 
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sUPEHCOMM*  is  a  registered  trademark  of  the  Telecommunications  Industry  Association  (TIA)  and  the  United  States  Telecom  Association  (USTA). 


uses,  while  the  ultimate  embrace  of 
mobile  WiMAX  remains  a  bit  more  of  an 
open  question. 

Jeff  Belk,  a  Qualcomm  marketing  exec¬ 
utive,  came  closest  to  offering  a  gen¬ 
uinely  discouraging  word:  "You're  not 
going  to  go  from  standardization  to  mil¬ 
lions  of  units  without  going  through  the 
kinds  of  painful  steps  that  every  other 
wireless  technology  has  gone  through.” 

AT&T  technology  guru  Hossein 
Eslambolchi  loves  WiMAX,  too,  and  he 
just  can’t  say  enough  good  things  about 
IP,  in  general.  For  example,  there’s  his 
oft-repeated  contention  that  "IP  will  eat 
everything,”  which  he  repeated  once 
again  during  his  Interop  keynote  address. 
Eslambolchi  also  told  an  anecdote  about 
VoIP  sparing  Martha  Stewart  the  indigni¬ 
ty  of  a  Virginia  telephone  exchange  by 
bringing  her  tony  212  New  York  number  to 
her  since-vacated  jail  cell. 

Who  had  the  biggest  booth  with  the 
fewest  visitors?That  looked  to  be  MCl’s 
ghost  town.  Completely  unfounded, 
though,  were  rumors  that  the  booth  had 
been  physically  seized  by  Qwest  CEO 
Richard  Notebaert. 

And  then  there  was  this  bit  of  unex¬ 
pected  advice:  A  3Com  presenter  bid 
farewell  to  his  assembled  audience  by 
urging  them  to  “have  a  safe  show.”  ...  I 
guess  it  really  is  a  jungle  out  there. 

Did  anyone  find  the  shirt  I  lost  in  Vegas?  If 
so,  the  address  is  buzz@nww.com. 
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Details  and  registration  information  can  be  found  on  www.enterprisemanagemenr.com . 
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Mark  Gibbs 


Betting  on  the  future 

i 


just  bet  Dean  Drako,  the  CEO  of 
anti-spyware/spam  vendor 
Barracuda  Networks,  $5  that 
within  five  years  all  of  our  important 
network  connections  will  be  made 
over  secure  connections.  Dean  dis¬ 
agrees.  He  thinks  it  will  take  longer 
than  that. 

The  issue  came  up  last  week  when  we  were  dis¬ 
cussing  spyware  at  Interop  in  Las  Vegas  —  Drako’s 
company  will  incorporate  spyware  detection  in  its 
anti-spam  firewall  products  —  and  I  contend  that 
the  spyware  problem  is  growing  at  a  pace  that 
exceeds  the  rise  of  any  previous  threat.  It  will  make 
spam  and  viruses  look,  at  best,  second-rate  threats 
and  cause  lost  productivity  on  a  scale  so  great  that 
we  will  have  to  change  the  way  we  communicate. 

My  argument  is  founded  on  the  fact  that  spyware 
already  has  become  a  huge  problem.  Depending 
on  whose  figures  you  believe,  spyware  is  installed 
on  60%  to  70%  of  all  corporate  PCs  and  is  responsi¬ 
ble  for  at  least  half  of  all  PC  crashes  and  about 
one-fifth  of  all  support  calls. 

If  you  haven’t  experienced  the  joys  of  spyware, 
just  wait,  you  will.  I’ve  been  wrestling  with  spy- 
ware  on  my  laptop  on  and  off  for  the  last  couple 
of  months.  On  start-up,  an  Internet  Explorer  win¬ 
dow  pops  up  on  top  of  every  other  window  titled 


“My  Search  Page,”  and  it  is  very  hard  to  kill  off. 
Until  you  click  on  a  link,  you  can’t  escape  it,  and 
after  you  do,  you  will  be  subjected  to  pop-up  ads 
every  few  minutes.  I’ve  run  every  spyware  tool  I 
can  find  to  try  to  remove  or  at  least  identify  the 
software,  but  so  far  no  luck.  Any  advice  you  might 
have  would  be  interesting. 

The  fact  that  spyware  already  is  a  major  head¬ 
ache  was  obvious  at  Interop  —  the  number  of  ven¬ 
dors  with  anti-spyware  products  was  remarkable, 
and  along  with  wireless  technology  it  was  one  of 
the  show’s  biggest  themes. 

New  answers 

I  saw  several  interesting  anti-spyware  products. 
AbsoluteSafe  from  start-up  Zeroday  Security  is  a 
small  box  that  is  connected  to  your  PC  by  a  USB 
cable  and  features  a  single  switch  and  a  red  light. 
When  the  red  light  is  on, your  PC  is  protected  and 
no  software  can  be  added  to  the  system.  Flip  the 
switch,  your  PC  can  be  updated. The  hardware 
won’t  be  available  until  later  this  summer  and 
don’t  bother  looking  at  its  Web  site  (www.zeroday 
securitycom)  for  a  while  because  not  only  is  the 
site  awful,  it  tells  you  less  than  I  just  did. 

While  AbsoluteSafe  is  targeted  at  individual  PCs, 
SecureWave  has  an  enterprise  anti-spyware  prod¬ 
uct  now  available  for  Windows. The  product,  called 


Sanctuary  Application  Control,  uses  kernel-level  dri¬ 
vers  to  intercept  application  loading  and  performs 
an  SHA  checksum  on  the  code.  It  then  compares 
that  checksum  with  a  list  of  all  known  code  and  if 
the  software  can’t  be  identified,  it  prevents  the  soft¬ 
ware  from  running.  SecureWave  told  me  they 
already  are  making  large  sales  to  government 
agencies. 

A  third  company  of  interest  was  RealBlocker, 
another  start-up  without  a  useful  Web  site  (www. 
realblocker.com).  It  is  demonstrating  an  interesting- 
looking,  appliance-based  system  called 
RealBlocker  that  can  detect  and  block  spyware  on 
the  wire  as  it  crosses  your  network,  and  block 
access  to  Web  sites  that  are  known  spyware 
sources. 

So  how  bad  is  the  whole  spyware  thing  going  to 
get?  Really  bad.  When  I  wrote  earlier  in  the  year 
about.an  Internet  catastrophe,  this  is  the  kind  of 
thing  that  could  well  make  that  prediction  come 
true.  But  there  is  a  positive  side  to  this  —  we’re 
going  to  be  pushed  into  taking  action.  Authen¬ 
ticated  e-mail  will  become  mandatory  Servers  of 
all  kinds  will  only  talk  over  secure  connections. 
And  I  will  be  $5  better  off. 

What’s  your  bet?  Tell  me  the  odds  at 
backspin  @gibbs.  com. 
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News,  insights,  opinions  and  oddities 


By  Paul  McNamara 

A  string  of  Interop  moments 

Heard  —  and  overheard  —  at  last 
week's  Interop  conference  in  Las  Vegas: 

John  Chambers  is  no  Bono,  notwithstanding  his  being  introduced  as  the  net¬ 
work  industry's  answer  to  the  U2  frontman.  (For  one  thing,  it’s  impossible  to  imag¬ 
ine  Cisco's  CEO  dropping  an  F-bomb  on  nationaITV.)  But  Chambers  does  pos¬ 
sess  a  compelling  stage  presence,  which  was  on  full  display  as  he  preached  the 
gospel  according  to  Cisco  during  the  show’s  kickoff  address. 

“Everyone  here  wants  to  talk  about  technology,”  Chambers  said  on  one  of  his 
numerous  forays  out  into  the  audience,  which  even  included  a  rather  risky  leap 
off  the  stage.  "But  what  will  cause  people  to  spend  money  is  improving  their 
entertainment,  their  healthcare  or  their  business  productivity.” 

And  golly-gosh  if  it  isn’t  Cisco  technology  that  will,  in  his  estimation,  bring 
about  those  improvements. 

Like  many  practiced  public  speakers,  Chambers  leans  a  bit  too  heavily  on 
favored  rhetorical  devices.  For  example,  he  used  this  phrase  on  at  least  six  occa¬ 
sions  after  laying  out  a  premise:  "You  know  where  I’m  headed  with  this." 

You  did  know,  too,  although  Chambers  is  apparently  convinced  that  such  is  not 
always  the  case  with  Cisco  customers.  As  a  result,  his  company  is  about  to 
become  more  of  an  open  book,  he  promised. 

“We're  going  to  start  sharing  with  you  more  and  more  of  where  we’re  headed” 
with  product  road  maps.  “You  will  see  us  be  more  open  on  where  we  are  in  mar¬ 
ket  share.” 

I  half  expected  the  crowd  to  start  singing  "Beautiful  Day." 

No  one  would  dare  to  compare  Scott  Kriens  to  a  rock  star,  but  that  wasn't  going 
stop  the  Juniper  CEO  from  beating  a  drum  for  his  company  during  a  keynote 
address  that  opened  Day  Two  of  the  conference. 

Kriens  as  a  keynoter  might  best  be  described  as  articulate  and  earnest,  which  is 


a  polite  way  of  saying  he’s  no  ball  office. 

"What  is  the  industry  doing?  Is  it  consolidating?"  he  asked  rhetorically.  "My 
answer  is  yes  and  no.” 

What  he  meant  was  that  the  answer  is  really  yes,  but  that  doesn’t  mean  you 
should  buy  all  your  stuff  from  Cisco. 

Blaring  U2  music  at  the  close  of  his  address  was  a  nice  dig  at  Chambers, 
though. 

Equivocation  was  not  an  issue  during  an  educational  session  about  spam. 

“Users  are  stupid,”  said  Mirapoint  product  manager  John  Veizades.  His  proof — 
not  that  anyone  in  the  audience  was  demanding  any  —  is  a  recent  study  showing 
that  10%  of  e-mail  users  actually  have  bought  goods  or  services  offered  through 
spam.  In  other  words,  we  all  know  people  who’ve  done  it,  and  that's  sad. 

In  addition  to  a  dearth  of  common  sense,  a  lack  of  effective  e-mail  authentica¬ 
tion  is  undermining  anti-spam  efforts. To  illustrate  the  point,  VeriSign  principal 
scientist  Phillip  Hallam-Bakertold  a  tale  of  his  two  telephones  that  before  the 
institution  of  the  do-not-call  list  received  an  unwanted  solicitation  “only  about 
once  a  fortnight”  One  phone  number  he  placed  on  the  list;  the  other  was  left 
unprotected.The  first  gets  no  junk  calls  now,  and  the  second  gets  about  three  a 
day.  His  point:  E-mail  desperately  needs  its  own  Caller  ID. 

Also  desperately  needed  is  more  discretion  by  cell  phone  users. 

“It’s  an  extremely  hard  thing  to  prove  that  our  box  caused  their  downtime,"  said 
one  indiscreet  user  within  my  earshot. 

The  man  wasn’t  suggesting  that  the  cause  of  the  downtime  was  any  mystery  to 
him.  He  was  merely  taking  comfort  in  the  idea  that  the  uncertainty  of  others 
would  be  his  friend.  Had  I  seen  his  conference  badge,  you  might  all  know  the  ven¬ 
dor's  name  right  now. 

Getting  your  name  known  —  in  a  good  way  —  is  Job  One  for  vendors  at  Interop. 
Banners  and  posters  are  plastered  over  every  inch  of  the  convention  center.  One 
marketing  message  even  stared  up  at  me  from,  of  all  places,  the  top  of  a  urinal. 

See  'NetBuzz,  page  60 


SUPERX  lO-GE  SWITCH  FAMILY 

A  Unified  architecture  for  Enterprise  and  Service  provider  LAN  and  Metro  infrastructures 


Wf  ith  the  performance  you  expect  from  Foundry— now  comes  the  price,  flexibility,  and  density  breakthrough  you’ve  been  waiting  for.  The  new 
SuperX  family  of  Layer  2/3  modular  switches  provides  the  industry’s  highest  Gigabit  Ethernet  and  10-GE  density  per  rack  and  the  lowest  10- 
GE  price  per  port  in  a  modular  switch.  The  SuperX  family  delivers  an  extensive  feature  set,  standards-based  Power-over-Ethernet,  support  for  full 
Layer  3  (including  OSPF  and  BGP4),  and  wire-speed  10-GE  solutions.  From  the  enterprise  to  the  service  provider  environment:  SuperX  is  the  right  choice! 


FASTlRDN  SUPERX 

•  EDGE  &  WIRING  CLOSET  SWITCH 

•  EXTENSIVE  QOS  AND 
SECURITY  FEATURES 

•  EASE  OF  UPGRADE  TO  POE 


TurboIron  SuperX 

•  lO-GE  AGGREGATION  AND  CORE  £ 

•  PRE-CONFIGURED  WITH  16  1  O-GE 
PORTS  PER  SWITCH 

•  INDUSTRY  LEADING  PRICE  OF 
LESS  THAN  $2,500/10-GE  PORT 


BlGlRON  SUPERX 

H  •  ENTERPRISE  AND  METRO  L3 

BACKBONE  SWITCH 

•  HIGH-PERFORMANCE  LAYER  3 
ROUTING  PROCESSOR 

•  UP  TO  1  MILLION  ROUTES  AND 
200+  BGP  PEERS 


HIGH  DENSITY 

•  Up  to  204  Ports  GE-SFP  Mini-GBIC 

•  Up  to  204  Ports  10/100/1000 

•  Up  to  192  Ports  10/100/1000  PoE 

•  Up  to  16  Ports  10-GE 

HIGH  PERFORMANCE 

•  Wire-Speed  Every  Port 

•  Up  to  304  Mpps  Throughput 

•  510-Gbps  Switching  Capacity 

CONVERGENCE  READY 

•  Standards-Based  Power-over-Ethernet 

•  Purpose-Built  for  Data,  Voice  &Video 

•  Integrated  Wired  &  Wireless  Support 

I  RON  SHIELD  SECURITY 

•  Wire-Speed  ACLs  &  Rate  Limiting 

•  Secure  Shell,  Secure  Copy,  SNMPv3 

•  DoS  Attack  Protection 

•  802.  lx  &  MAC  Authentication 
with  Dynamic  Policy 
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ilRON 
PE  RX 


CLUSTER 

COMPUTING 


FIBER  GIG  DISTRIBUTION  10/100/1000  AGGREGATION 


APP  SERVERS 

GIG  AND  1  O-GE  DATA  CENTERS 
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FOUNDRY 

NETWORKS 

The  Power  of  Performance™ 


For  more  information  please  call: 

US/CANADA  1  BBS  TURBOLAN, 

INTERNATIONAL  +1  408.586.1  700 

OR  VISIT  OUR  WEBSITE  AT  WWW.FOUNDRYNET.COM/SX 

Foundry  Networks,  Inc.  is  a  leading  provider  of  high-performance  Enterprise  and  Service  Provider  switching,  routing  and 
Web  traffic  management  solutions  including  Layer  2/3  LAN  switches,  Layer  3  Backbone  switches.  Layer  4-7  Web  switches, 
wireless  LAN  and  access  points,  access  routers  and  Metro  routers. 


What  you  want  are  the  benefits  of  mobility.  What  you  don’t  want 
is  a  network  full  of  uninvited  guests.  No  problem.  Nokia  is  a 
world  leader  in  network  protection.  More  than  200,000  of  our 
built-for-security  hardened  appliances  have  been  shipped  to  customers 
around  the  world— all  featuring  our  unique  combination  of  trusted  Check 
Point™  firewall  and  VPN  software.  And  firewalls  are  just  part 
of  our  exceptional  family  of  Secure  Mobile  Connectivity  solutions. 

Nokia:  with  you  on  the  road  to  mobility. 


The  road  to 

Secure  Mobile  Connectivity 

begins  here. 

Firewall  IP  VPN  SSL  VPN 


www.nokiaforbusiness.com/americas/smc 
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